Teams

Section Purpose: The security section shows recommend security controls for Teams based on the CIS Controls. Each control contains the following subsections:

Description
Policy Definition
Licensing Considerations
Set Up Instructions
End-User Impact
PowerShell Scripts
Video Tutorials

Policy

End-User Impact

License

Private Channels shall be utilized to restrict access to sensitive information

Medium

Standard

External Participants SHOULD NOT Be Enabled to Request Control of Shared Desktops or Windows in Meet

Low

Standard

Anonymous Users SHALL NOT Be Enabled to Start Meetings

Low

Standard

External User Access SHALL Be Restricted

Medium

Standard

Unmanaged User Access SHALL Be Restricted

Low

Standard

Contact with Skype Users SHALL Be Blocked

Low

Standard

Teams Email Integration SHALL Be Disabled

Low

Enterprise

Only Approved Apps SHOULD Be Installed

Medium

Standard

Data Loss Prevention Solutions SHALL Be Enabled

Medium

Business Premium, Enterprise

Only the Meeting Organizer SHOULD Be Able to Record Live Events

Low

Enterprise

Attachments SHOULD Be Scanned for Malware

Low

Defender for Office 365

Link Protection SHOULD Be Enabled

Low

Defender for Office 365

Restrict Users who can Create Teams Channels

Medium

Azure AD P1

Teams Channels shall have an expiration policy

Medium

Standard

PreviousInactive accounts shall be blocked or deleted NextPrivate Channels shall be utilized to restrict access to sensitive information

Last updated 1 year ago