The 4 most common security challenges in Microsoft Teams

Teams has become a fixture with the growth of “Modern Work. Many organizations are using it but is it being used to its full potential? In addition to the many opportunities it offers, there are a few things to watch out for.

1. Screen sharing with sensitive/confidential data visible.

Microsoft Teams allows users to share content in a conversation or meeting via screen sharing, from any location and on any device. This feature is very useful as it improves communication and promotes productivity and collaboration during meetings.
This comes with the risk that during screen sharing, sensitive notifications or data from other applications or communication platforms may be inadvertently displayed and shared with other participants. This can lead to the compromise of sensitive information. IT and tenant administrators should also assess the risk that guests could request control of a shared screen.

2. Loss of control over documents and data

Microsoft Teams allows users to share files and collaborate via chat. It can be integrated with other cloud-based applications such as OneDrive, Box, Dropbox and Google Drive. There is a risk that sensitive or confidential data could be exposed or uploaded by internal users or external guests. With the proliferation of data privacy laws and regulations that focus on the collection, processing and transfer of personal data, there is also an increased focus on the whereabouts of data.

It is important to be aware of the geographic region where your Microsoft Teams account is located and how privacy laws affect the geographic region, your region, and consumer or customer requirements.

3. No control over user behavior

Microsoft Teams is just one of many business applications deployed in an organization. Because of the number of enterprise applications, there is a risk that security policies may not be consistent. For example, users may be blocked from sharing certain data through emails, but the data may still be shared through Microsoft Teams.

Therefore, it is important that security policies are consistent across all of these applications. This includes file transfers via email, encryption and password protection on laptops, mobile devices and USB devices

4. Guest users

Microsoft Teams allows members of an organization to collaborate with externals, such as vendors, customers and contractors. Externs gain access to documents and resources in channels, chats and applications. This access allows externals to access and share files from the Teams channel and SharePoint. Tenant administrators can enable or disable external access, meaning Teams can be open or closed to guests. The challenge is that it is difficult to implement organization-wide settings in Teams that allow tenant administrators to restrict Teams channels to only internal teams, public teams and teams with only authorized guests, if necessary.

We have recorded a series of webinars with a roadmap to help you manage your Microsoft Teams environment as securely as possible without sacrificing efficiency.

Watch the first webinar in the series below.