# Teams
**Section Purpose:** The security section shows recommend security controls for Teams based on the CIS Controls. Each control contains the following subsections:
* Description
* Policy Definition
* Licensing Considerations
* Set Up Instructions
* End-User Impact
* PowerShell Scripts
* Video Tutorials
| Policy | End-User Impact | License |
| ---------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | ---------------------------------------------------- | ---------------------------- |
| [private-channels-shall-be-utilized-to-restrict-access-to-sensitive-information](https://docs.tminus365.com/security/teams/private-channels-shall-be-utilized-to-restrict-access-to-sensitive-information "mention") | Medium | Standard |
| [external-participants-should-not-be-enabled-to-request-control-of-shared-desktops-or-windows-in-meet](https://docs.tminus365.com/security/teams/external-participants-should-not-be-enabled-to-request-control-of-shared-desktops-or-windows-in-meet "mention") | Low | Standard |
| [anonymous-users-shall-not-be-enabled-to-start-meetings](https://docs.tminus365.com/security/teams/anonymous-users-shall-not-be-enabled-to-start-meetings "mention") | Low | Standard |
| [external-user-access-shall-be-restricted](https://docs.tminus365.com/security/teams/external-user-access-shall-be-restricted "mention") | Medium | Standard |
| [unmanaged-user-access-shall-be-restricted](https://docs.tminus365.com/security/teams/unmanaged-user-access-shall-be-restricted "mention") | Low | Standard |
| [contact-with-skype-users-shall-be-blocked](https://docs.tminus365.com/security/teams/contact-with-skype-users-shall-be-blocked "mention") | Low | Standard |
| [teams-email-integration-shall-be-disabled](https://docs.tminus365.com/security/teams/teams-email-integration-shall-be-disabled "mention") | Low | Enterprise |
| [only-approved-apps-should-be-installed](https://docs.tminus365.com/security/teams/only-approved-apps-should-be-installed "mention") | Medium | Standard |
| [data-loss-prevention-solutions-shall-be-enabled](https://docs.tminus365.com/security/teams/data-loss-prevention-solutions-shall-be-enabled "mention") | Medium | Business Premium, Enterprise |
| [only-the-meeting-organizer-should-be-able-to-record-live-events](https://docs.tminus365.com/security/teams/only-the-meeting-organizer-should-be-able-to-record-live-events "mention") | Low | Enterprise |
| [attachments-should-be-scanned-for-malware](https://docs.tminus365.com/security/teams/attachments-should-be-scanned-for-malware "mention") | Low | Defender for Office 365 |
| [link-protection-should-be-enabled](https://docs.tminus365.com/security/teams/link-protection-should-be-enabled "mention") | Low | Defender for Office 365 |
| [restrict-users-who-can-create-teams-channels](https://docs.tminus365.com/security/teams/restrict-users-who-can-create-teams-channels "mention") | Medium | Azure AD P1 |
| [teams-channels-shall-have-an-expiration-policy](https://docs.tminus365.com/security/teams/teams-channels-shall-have-an-expiration-policy "mention") | Medium | Standard |