What’s new in Microsoft Teams security

Every day, uninvited attendees target online meetings in our businesses and schools. Administrators at Penn State and other universities have had ongoing problems, including “online harassment where an individual hijacks a video conference to wreak havoc, such as using the screen-sharing function to show offensive or malicious content or spouting hateful or threatening language.”

These security threats were the topic of a Microsoft Ignite session with John Gruszczyk, Product Manager at Microsoft; Rushmi Malaviarachchi, Director of Program Management for Microsoft Teams at Microsoft; and Mansoor Malik, Product Leader and Founding member of Microsoft Teams. During the session, they discussed improvements being made to Teams to make it more secure.

Teams is evolving to improve security

Rushmi Malaviarachchi shared his vision of how Teams and its usage has evolved. Rushmi sees Teams as becoming a content generation platform. It allows more people to collaborate and do work together.

As this happens, it becomes more important to keep the information safe. Here are a few of the new enhancements coming to Teams as a result of this growth:

Better security for 3rd party content: over 70% of Teams apps generate card content. The latest security for Teams ensures that these enhancements will protect data from third-party apps.

Improved data residency: with Microsoft 365 Multi-Geo, you will store data REST in the geographic location you choose on a per-user basis. This improvement allows companies to meet data residency requirements. It’s important to note that Teams Multi-Geo is not about speed but for compliance with GDPR and data residency.

Prevent unwanted incidents: Teams is now in scope with Microsoft Secure Score, and Sentinel can collect event data and analyze it using artificial intelligence. New features will control who can present, what is recorded, and who can record it. Admins can prevent unauthorized attendees from attending meetings. They can restrict meeting invitations from being forwarded. Controls will require people who want participate outside the organization to enter a lobby and then be admitted into the video conference.

Presenters have new abilities: presenters can now hard mute every attendee and disable video for all attendees. It allows presenters to use a hard mute and require a person to raise their hand before being unmuted.

Data encryption for 1:1 calls: Teams supports end-to-end encryption for 1-to-1 calls. Currently, this is in the first phase of deployment, and both the caller and callee will need to have opted-in to encryption before the call. In the future, Teams will also offer end-to-end encryption for meetings.

Orgs may hold their encryption keys: some companies may have concerns about an outside source like Microsoft holding their encryption keys due to compliance. Teams now allows customers to provide and control their own keys. However, as they pointed out at the conference, if you hold your own keys and call support, a Microsoft support rep doesn’t have the key, and they won’t be able to give you access.

Sensitivity labels: as more collaboration occurs across businesses, Teams must have the ability to retain security and compliance features even when people are working from outside of an organization. Teams admins are now able to classify, label, and protect sensitive content. After providing a sensitivity label, an admin will control the privacy and access to the team’s guest users.

Microsoft Teams security and usability… together

With these new features, everyone should feel more secure when using Teams. These new features will allow admins, presenters, and more to provide a safer Teams environment for everyone. Usability and security no longer have to be at odds with each other. They can coexist while providing better protection for every Teams user.