# Teams

![](/files/nOWmoJIM2hkSHgsKUvbe)

**Section Purpose:** The security section shows recommend security controls for Teams based on the CIS Controls. Each control contains the following subsections:

* Description
* Policy Definition
* Licensing Considerations 
* Set Up Instructions
* End-User Impact
* PowerShell Scripts
* Video Tutorials

| Policy                                                                                                                                                                                                                          | End-User Impact                                      | License                      |
| ------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | ---------------------------------------------------- | ---------------------------- |
| [Private Channels shall be utilized to restrict access to sensitive information](/security/teams/private-channels-shall-be-utilized-to-restrict-access-to-sensitive-information.md)                                             | <mark style="background-color:yellow;">Medium</mark> | Standard                     |
| [External Participants SHOULD NOT Be Enabled to Request Control of Shared Desktops or Windows in Meet](/security/teams/external-participants-should-not-be-enabled-to-request-control-of-shared-desktops-or-windows-in-meet.md) | <mark style="background-color:green;">Low</mark>     | Standard                     |
| [Anonymous Users SHALL NOT Be Enabled to Start Meetings](/security/teams/anonymous-users-shall-not-be-enabled-to-start-meetings.md)                                                                                             | <mark style="background-color:green;">Low</mark>     | Standard                     |
| [External User Access SHALL Be Restricted](/security/teams/external-user-access-shall-be-restricted.md)                                                                                                                         | <mark style="background-color:yellow;">Medium</mark> | Standard                     |
| [Unmanaged User Access SHALL Be Restricted](/security/teams/unmanaged-user-access-shall-be-restricted.md)                                                                                                                       | <mark style="background-color:green;">Low</mark>     | Standard                     |
| [Contact with Skype Users SHALL Be Blocked](/security/teams/contact-with-skype-users-shall-be-blocked.md)                                                                                                                       | <mark style="background-color:green;">Low</mark>     | Standard                     |
| [Teams Email Integration SHALL Be Disabled](/security/teams/teams-email-integration-shall-be-disabled.md)                                                                                                                       | <mark style="background-color:green;">Low</mark>     | Enterprise                   |
| [Only Approved Apps SHOULD Be Installed](/security/teams/only-approved-apps-should-be-installed.md)                                                                                                                             | <mark style="background-color:yellow;">Medium</mark> | Standard                     |
| [Data Loss Prevention Solutions SHALL Be Enabled](/security/teams/data-loss-prevention-solutions-shall-be-enabled.md)                                                                                                           | <mark style="background-color:yellow;">Medium</mark> | Business Premium, Enterprise |
| [Only the Meeting Organizer SHOULD Be Able to Record Live Events](/security/teams/only-the-meeting-organizer-should-be-able-to-record-live-events.md)                                                                           | <mark style="background-color:green;">Low</mark>     | Enterprise                   |
| [Attachments SHOULD Be Scanned for Malware](/security/teams/attachments-should-be-scanned-for-malware.md)                                                                                                                       | <mark style="background-color:green;">Low</mark>     | Defender for Office 365      |
| [Link Protection SHOULD Be Enabled](/security/teams/link-protection-should-be-enabled.md)                                                                                                                                       | <mark style="background-color:green;">Low</mark>     | Defender for Office 365      |
| [Restrict Users who can Create Teams Channels](/security/teams/restrict-users-who-can-create-teams-channels.md)                                                                                                                 | <mark style="background-color:yellow;">Medium</mark> | Azure AD P1                  |
| [Teams Channels shall have an expiration policy](/security/teams/teams-channels-shall-have-an-expiration-policy.md)                                                                                                             | <mark style="background-color:yellow;">Medium</mark> | Standard                     |


---

# Agent Instructions: Querying This Documentation

If you need additional information that is not directly available in this page, you can query the documentation dynamically by asking a question.

Perform an HTTP GET request on the current page URL with the `ask` query parameter:

```
GET https://docs.tminus365.com/security/teams.md?ask=<question>
```

The question should be specific, self-contained, and written in natural language.
The response will contain a direct answer to the question and relevant excerpts and sources from the documentation.

Use this mechanism when the answer is not explicitly present in the current page, you need clarification or additional context, or you want to retrieve related documentation sections.