If you’re one of the millions of people who have turned to Microsoft Teams during the recent crisis to communicate and collaborate with your team, it’s important to know that the platform is vulnerable to serious security threats. However, there are steps you can take to protect your data and maintain a strong security posture.
Understand the Default Access Policy
When Microsoft Teams was implemented, it came with a flexible access policy by default, making it easy for organisations to quickly adopt the platform. However, the default access policy is still enabled in many organisations, leaving them open to vulnerabilities if they are not properly checking their security.
One of the main vulnerabilities associated with Teams is that it is implemented out of the box with federated access to external users on by default. This means that anyone in the world can search for a user by email, request to chat, share files, and potentially expose the individual and their entire organisation to communications that are often acted with malicious intent.
Interact with Content Safely
Teams allows individuals to interact with content outside of the Teams’ perspective. This means that an external user could search for someone in your organisation and send them a malicious file stored in a third-party storage provider. To protect your organisation, it is important to implement security policies from the top down.
Protect Your Organisation with Security Policies
As a user, you may not have control over all aspects of your organisation’s security policies, but it’s important to understand what they are and how they can help protect you. Administrators can allow approved domains only to federate, selectively enable guest access, create a process around attestation, and strengthen authorisation policies.
Additionally, naming conventions and label policies should be established. By implementing naming conventions, you can help protect your organisation’s usage of Teams by making it easier to identify and classify data. Sensitive labels can be applied based on label and restrict guest access or app use for highly sensitive Teams.
Secure Your Teams Usage
As more companies plan to work remotely, it is essential to implement the strongest security posture across communication platforms like Microsoft Teams. By following the strategies mentioned above, you can protect your data and ensure your team is secure when using Teams. Remember to always be vigilant and practise safe habits when communicating and collaborating on the platform.
