Microsoft has introduced a new Teams admin policy that allows organizers to prevent third-party bots from joining meetings without approval.
This new feature was first announced in a March Microsoft 365 roadmap entry, when Microsoft said that it would be available across Windows, macOS, Android, and iOS platforms for worldwide standard multi-tenant and GCC cloud environments.
Once enabled, the policy will block malicious apps controlled by threat actors or third-party bots (used for note-taking, transcription, or other automated tasks) from joining Teams meetings, ensuring attendees know a non-human participant has been added.
The policy gives organizations more control and visibility over external bots in their meetings, helping them identify bots more easily and adding safeguards designed to ensure that only the intended participants and tools can join.
"The new policy in the Teams Admin Center, Manage external bots and their access to meetings, can be assigned to individual users or specific groups," Microsoft said on Monday.
"When enabled, Teams automatically detects potential bots, places them in the meeting lobby, clearly identifies them, and prompts organizers to confirm admission. Even in meetings where organizers allow participants to bypass the lobby, bots identified through this policy will continue to require approval before joining."
Teams meeting suspected threats (Microsoft)
Microsoft is now also planning to add additional admin controls, including allow lists for approved bots, policies to block external bots entirely, admin reports and audit logs on the detection and presence of bots, and more granular controls aligned to different security requirements.
More recently, in April, Microsoft warned that attackers are increasingly abusing external Teams collaboration for access and lateral movement on enterprise networks, impersonating IT or helpdesk staff to contact employees via cross-tenant chats and trick them into granting remote access to steal data.
Post a Comment Community Rules
You need to login in order to post a comment
Not a member yet? Register Now
<small>Source: Bleeping Computer</small>
