Microsoft Teams Security: Everything You Need to Know

by Aware

First Published Jun. 2023. Updated May 2024. 

Microsoft Teams is a leading collaboration tool used by businesses to streamline communication and enhance productivity. But does Teams secure sensitive and proprietary data and protect it from malicious actors? In this post, we explore the security features and potential risks associated with Microsoft Teams and provide insights into how businesses can ensure a secure environment for confidential information.

What is Microsoft Teams?

Microsoft Teams is a collaboration platform offered by Microsoft. It serves as a hub for teamwork, enabling users to chat, meet, call, and collaborate on various tasks in a single application. As a Microsoft 365 App, Teams integrates seamlessly with other Microsoft applications, such as Office, Outlook, OneDrive, and SharePoint.

What are the advantages of using Microsoft Teams?

Microsoft Teams offers several business benefits that can enhance productivity, collaboration, and communication within organizations. From minimizing information silos to fostering flexibility, here are 10 key benefits of using Microsoft Teams chat and video platform:

  1. Seamless Communication: Teams enables real-time and asynchronous collaboration regardless of location or time zone.
  2. Enhanced Collaboration: A central hub for collaboration allows users to co-author documents, share files, and work on projects simultaneously.
  3. Streamlined Workflows: With integrated apps and services, Teams removes the need to switch between applications to view or share information.
  4. Video Conferencing: Colleagues can engage in face-to-face calls and screen sharing, and collaborate in real-time, even when working remotely.
  5. Document Management: Teams provides a secure environment for document organization and sharing with restricted channels to limit visibility of sensitive data.
  6. Task Management: Built-in task management features like Planner and To Do allow users to create and assign tasks, set deadlines, and track progress.
  7. Remote and Hybrid Work: Teams is available for almost any device and operating system, making it widely accessible to employees, wherever they are working.
  8. Third-Party Integrations: Teams supports integration with third-party apps, enabling organizations to customize their workflows and bring additional functionalities into the platform, tailored to their specific business needs.
  9. Information Security: Microsoft Teams incorporates robust security measures, including data encryption and multi-factor authentication.
  10. Company Culture and Engagement: Teams provides features like channels, announcements, and social interactions, fostering a sense of community and enabling employees to stay connected, engaged, and informed about company news and updates.

These benefits demonstrate how Microsoft Teams can significantly improve communication, collaboration, and overall productivity within businesses of all sizes, ultimately driving organizational success.

What are the security risks of using Microsoft Teams?

While Microsoft Teams presents numerous advantages for business users, it is essential to be aware of potential risks that come with its usage. Five notable risks include:

  1. Data Leakage: The simplicity of file sharing within Teams makes the improper sharing or accidental disclosure of sensitive information easier to perform and harder to detect.
  2. External Collaboration: Teams users can invite external parties into the workplace ecosystem, increasing the risk of potential data breaches and unauthorized data access.
  3. Compliance Challenges: Organizations operating in regulated industries must ensure that Teams complies with specific industry standards and regulations regarding data privacy and access permissions.
  4. Third-Party Vulnerabilities: Integrating third-party applications can introduce security risks if those apps have access to Teams data.
  5. Insider Threats: Trusted insiders with access to Teams can misuse their privileges, potentially compromising sensitive information, leaking confidential data, or disrupting business operations.

To mitigate some of these risks, Microsoft provides robust security and compliance features for Teams.

What are Microsoft Teams’ security features?

Data encryption

Encryption applies to data in two states: at rest and in transit.

For data at rest:

  1. Sign in to the Microsoft 365 Security & Compliance Center with an admin account.
  2. Go to the “Data encryption” page.
  3. Under “Encryption at rest,” enable the desired encryption options.

For data in transit, you need a secure connection using the Transport Layer Security (TLS) protocol. This is accomplished by:

  1. Configuring your organization’s firewall to only allow Teams connections through a TLS-enabled gateway.
  2. Configuring your network devices to only allow certificate-secured traffic (HTTPS).

You can verify data is encrypted using Office 365’s built-in compliance tools and data governance controls. To ensure comprehensive data protection, regularly review your encryption settings, secure any encryption keys and certificates, and update them when necessary.

End-to-end encryption

To enable this feature as an administrator:

  1. Sign in to Microsoft Teams with your admin account.
  2. Navigate to “Enhanced encryption policies” and either edit the default policy or create a new one.
  3. For “end-to-end call encryption,” select “Not enabled, but users can enable.” Save the policy.

To enable as a user:

  1. Launch the Teams client and go to Settings > Privacy.
  2. Locate “End-to-end encrypted calls” and toggle it to the on position.
  3. When enabled, a shield with a lock icon appears during calls, indicating that encryption is active. Users can verify the icon at both ends of the call to determine it’s working properly.

Transport layer security (TLS)

Transport layer security encrypts data transmitted between a client and a server.

To enable it for administrators:

  1. Sign in to the Microsoft Teams admin center with an admin account.
  2. Go to “Meetings” > “Meeting policies,” and either edit a current policy or create a new one.
  3. Under “Audio & video” settings, enable the “Require encryption for audio/video” option.
  4. Save the policy and assign it to the desired users or groups.

All audio, video, and screen sharing in Teams meetings for the users within the policy will be TLS encrypted with these settings in place. You can also configure your network firewall to only allow Teams connections over TLS/HTTPS by restricting traffic to the required Microsoft IP address ranges and ports used by Teams.

For users:

Once the encryption policy has been enabled by an administrator, TLS is automatic in all Teams meetings for audio/video traffic for assigned users. No additional configuration is required. Look for the encrypted shield icon next to the meeting name or participant names.

Two-factor authentication

Two-factor authentication (2FA or MFA for multi-factor authentication) adds an extra layer of security beyond passwords to user accounts.

To activate as an administrator:

  1. Sign in to the Microsoft 365 admin center with your admin account.
  2. Click “Users,” then “Active users,” and select the users for whom you want to enable 2FA.
  3. Choose “More,” and “Multifactor Authentication setup.”
  4. Select the users, and click “Enable” to the right under “Quick Steps.”
  5. Confirm by clicking “Enable multi-factor authorization” in the pop-up.

To activate as a security administrator:

  1. Sign in as a security admin.
  2. Go to “Identity Protection” > “Conditional Access” > “Policies.”
  3. Create a new policy and configure it to require multi-factor authentication.

To activate as a user:

Users can set up 2FA with the Microsoft Authenticator app.

  1. Go to account.microsoft.com/security and sign in.
  2. Under “Two-step verification,” select “Set up two-step verification.”
  3. Follow the instructions to set up the Authenticator app.

Once enabled, users will receive prompts for a second verification factor when signing into Teams.

Conditional access policies

Conditional access policies secure Teams and other cloud apps based on risk. They ensure only authorized and compliant users and devices can access the organization’s data.

To enable for administrators:

  1. Sign in to the Microsoft Entra admin center with an admin account.
  2. Under the “Protection” section, choose “Conditional Access.”
  3. Create a new conditional access policy or edit an existing policy.
  4. Under “Assignments,” select “Users and groups,” and include the users or groups the policy will apply to. You can exclude emergency or break-glass accounts.
  5. Under “Cloud apps,” include “Microsoft Teams” in the list the policy applies to.
  6. Configure the desired access controls, e.g., 2FA or device compliance policies. You can also configure named locations (location-based conditions such as trusted IP ranges) where the policy does not apply.
  7. Set the policy to “Report-only” mode initially to test the impact. Once satisfied, switch to “On” to begin enforcing the policy.

Conditional access policies for Teams are dependent on other Microsoft 365 services, such as Exchange Online and SharePoint Online. Blocking these services can impact Teams’ functionality. You may also need to exclude certain apps from the policy if they don’t require the same security level as Teams.
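The admin steps above, expressed as a review over exported policies. This is an added example, not code from Aware or Microsoft; it assumes policies exported as JSON in the shape of the Microsoft Graph conditionalAccessPolicy resource, and the app ID, account IDs and finding codes are placeholders invented for illustration.

```python
import json

# Placeholders (assumptions): substitute your tenant's real IDs before use.
TEAMS_APP_ID = "00000000-0000-0000-0000-00000000aaaa"
BREAK_GLASS_IDS = frozenset({"00000000-0000-0000-0000-00000000bbbb"})
# "All" and the "Office365" app group both cover Teams.
COVERS_TEAMS = {"All", "Office365", TEAMS_APP_ID}
STRONG_CONTROLS = {"mfa", "compliantDevice"}

def review_policy(policy, break_glass=BREAK_GLASS_IDS):
    """Return sorted finding codes (names invented here) for one policy dict."""
    cond = policy.get("conditions") or {}
    users = cond.get("users") or {}
    apps = cond.get("applications") or {}
    grant = policy.get("grantControls") or {}
    findings = set()

    # Step 4: someone is in scope, and break-glass accounts are excluded.
    if not (users.get("includeUsers") or users.get("includeGroups")):
        findings.add("no-users-in-scope")
    if not break_glass <= set(users.get("excludeUsers") or []):
        findings.add("break-glass-not-excluded")

    # Step 5: Teams is targeted and not carved back out.
    included = set(apps.get("includeApplications") or [])
    excluded = set(apps.get("excludeApplications") or [])
    if not included & COVERS_TEAMS or TEAMS_APP_ID in excluded:
        findings.add("teams-not-covered")

    # Step 6: MFA or device compliance is required; with operator OR, any
    # single listed control satisfies the policy, so a weaker one bypasses MFA.
    controls = set(grant.get("builtInControls") or [])
    if not controls & STRONG_CONTROLS:
        findings.add("no-mfa-or-device-compliance")
    elif grant.get("operator") == "OR" and controls - STRONG_CONTROLS:
        findings.add("weaker-control-satisfies-policy")
    if (cond.get("locations") or {}).get("excludeLocations"):
        findings.add("review-excluded-locations")

    # Step 7: report-only is for testing; it does not enforce anything.
    state = policy.get("state")
    if state == "enabledForReportingButNotEnforced":
        findings.add("report-only-not-enforcing")
    elif state != "enabled":
        findings.add("not-enabled")
    return sorted(findings)

def review_export(policies):
    return {p.get("displayName", "<unnamed>"): review_policy(p) for p in policies}

# Constructed sample export (not real tenant data).
SAMPLE_EXPORT = json.loads("""
[{"displayName": "Teams - require MFA", "state": "enabled",
  "conditions": {
   "users": {"includeUsers": ["All"],
             "excludeUsers": ["00000000-0000-0000-0000-00000000bbbb"]},
   "applications": {"includeApplications": ["00000000-0000-0000-0000-00000000aaaa"]},
   "locations": {"includeLocations": ["All"], "excludeLocations": ["AllTrusted"]}},
  "grantControls": {"operator": "OR", "builtInControls": ["mfa"]}},
 {"displayName": "Teams - pilot", "state": "enabledForReportingButNotEnforced",
  "conditions": {
   "users": {"includeGroups": ["00000000-0000-0000-0000-00000000cccc"]},
   "applications": {"includeApplications": ["00000000-0000-0000-0000-00000000dddd"]}},
  "grantControls": {"operator": "OR", "builtInControls": ["approvedApplication"]}}]
""")

if __name__ == "__main__":
    for name, findings in review_export(SAMPLE_EXPORT).items():
        print(f"{name}: {', '.join(findings) or 'no findings'}")
```

A policy that returns only `review-excluded-locations` matches the steps above; that code is a prompt to confirm the excluded named locations are still the intended trusted ranges.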

For users:

There is no enabling necessary. Once the policies are in place, users will be prompted to meet the criteria, such as following 2FA requirements, when signing in to Teams outside of trusted location ranges or devices.

Mobile device management

To enable for administrators:

  1. Sign in to Microsoft Endpoint Manager admin center with an admin account.
  2. Go to “Apps” > “App configuration policies,” and create a new policy for the Microsoft Teams app.
  3. Under “General configuration settings,” configure the desired notification settings by setting the appropriate keys to 1 (enabled) or 0 (disabled).
  4. Assign the app configuration policy to the user groups that need the Teams app managed.
  5. Go to “Apps” > “App protection policies,” and create a new policy on your platform (iOS/iPadOS or Android).
  6. On the “Data Protection” page, set “Org data notifications” to “Block org data.”
  7. Assign the app protection policy to the same user groups.
  8. Optional: create a conditional access policy to only allow Teams from approved client apps or require the app protection policy.

For users:

  1. Install the Microsoft Teams app from the app store to the mobile device.
  2. For Android, users must also install the Intune Company Portal app for app protection policies to apply.
  3. Sign in to Teams with the work or school account.

Once enrolled, Teams on the device will be managed by the Intune MDM. Notifications and data protection will be enforced within the parameters of the policies. Intune’s MDM capabilities are recommended alongside conditional access and app protection to secure Teams for internal and external users alike.

Retention policies

To enable retention policies as an administrator:

  1. Sign in to the Microsoft Purview compliance portal using an admin account.
  2. Click “Information governance” and then “Retention policies.”
  3. Select “Create a retention policy,” and provide a name and description for the policy.
  4. On the “Locations to apply the policy” page, check the box for “Teams channel messages” and/or “Teams chat messages” to match your retention requirements.
  5. Configure the retention settings:
    1. Retention period: specify for how long to retain the data, up to and including indefinitely.
    2. Action to take after retention period: Choose to delete the data or keep it.
  6. Review and create the policy.
  7. Optional: create separate policies for public channel messages and private channels.

For users:

When a retention policy is in place, users will see messages selected for deletion get deleted from Teams when the retention period expires. Users will be notified the messages have been deleted because of the retention policy. Messages deleted by a retention policy cannot be recovered. However, users may delete messages before the expiration if desired.

Communicating the retention policy to end users is important so they understand why messages are being deleted from Teams.

Microsoft Purview Information Protection (MIP)

Microsoft Purview Information Protection (MIP) is a set of capabilities in Microsoft 365 that helps companies protect sensitive data across services and applications. Using sensitivity labels, administrators can classify data within Teams for data protection purposes.

To enable MIP for administrators:

  1. Sign in to the Microsoft Purview compliance portal with an admin account at compliance.microsoft.com.
  2. Select “Solutions” > “Information protection” > “Sensitivity labels.”
  3. Enable sensitivity labels for Teams by following the guided instructions as they apply to your data.
  4. Create new sensitivity labels or configure existing ones based on your protection needs.

Best practices to improve Microsoft Teams security

One of the hardest risks to mitigate in Microsoft Teams is that posed by the people using it. Your employees are the new perimeter of information security, and it is essential that they understand the importance of their role in protecting confidential company data.

To ensure a secure environment in Microsoft Teams, organizations should enforce the following:

  • Strong passwords: Unique passwords and password expiration policies prevent unauthorized access.
  • Two-factor authentication (2FA): 2FA or multi-factor authentication (MFA) reduces the risk of unauthorized account access.
  • End-to-end encryption: Admins can use an enhanced encryption policy to enforce end-to-end encryption for Teams meetings.
  • Phishing defense: Raise awareness about phishing attacks and provide training to help users recognize and avoid suspicious emails, links, and attachments.
  • External access: Evaluate and limit guest user access to Teams and channels, ensuring appropriate controls are in place for data security.
  • Unified endpoint management (UEM): Secure devices that access Teams by enforcing device compliance policies, preventing data leakage, blocking non-compliant devices, and deploying security settings through Intune.
  • Monitor third-party apps: Review, approve, and audit all third-party apps for security risks, leverage the App Permissions Policies in Teams, and monitor app usage for suspicious behavior.
  • Enable additional Office 365 security features: Microsoft Defender to check attachments, sensitivity labels to classify data, DLP policies for proper sharing protocols, retention policies, and more.

Training employees on information security in Microsoft Teams is crucial for businesses as information within the Teams environment can flow more easily between users with fewer safeguards to protect sensitive data. Malicious actors may seek access to corporate Teams accounts through cyberattacks to exfiltrate company secrets, IP, and confidential information. Disgruntled insiders may also exfiltrate data using Teams, as its ability to synchronize documents across devices makes it fast and easy to move information beyond the company’s control. And untrained users can make simple mistakes that introduce malware into Microsoft Teams.

Administrators can mitigate risks by reducing access to the Teams environment using Azure Active Directory (Azure AD). Azure AD features, including single sign-on (SSO), multi-factor authentication (MFA), conditional access policies, and risk-based identity protection, help ensure that only authorized users can access Teams and its associated data.

Investing in information security training for employees is an important step for businesses seeking to reduce the risk of data breaches, enhance their security posture, and build a culture of vigilance and responsibility. Ultimately, well-trained employees become a crucial asset in safeguarding sensitive information and upholding the organization's reputation and trustworthiness.

How Aware strengthens and simplifies Microsoft Teams security

Aware supports security and compliance within Microsoft Teams by analyzing messages in real time to identify and remediate risky behaviors and unauthorized information sharing. Aware’s AI data platform uses industry-leading natural language processing (NLP) and machine learning workflows to detect noncompliant information-sharing using regular expression and keyword detection, and code and password identification.

Using Aware, businesses can enhance the security of their Microsoft Teams digital workplace by mitigating the risks posed by human behavior. In addition, Aware’s intelligent NLP normalizes insights for each individual organization, providing advance notice when the risk of insider threats increases. This gives business leaders an opportunity to address problems before they become crises.

A large international retailer partnered with Aware for this purpose after witnessing a competitor’s unfortunate run-in with a phishing scam. The retailer’s security team tested their employees’ ability to recognize a similar scam. When hundreds fell for the scam, the retailer used the opportunity to help their workforce better recognize such scams and other security threats. The company has lowered its overall risk exposure and secured its collaboration platform.

In addition to compliance and information governance management, Aware offers data loss prevention, eDiscovery, and next-generation organizational intelligence insights for Teams. All these features are also available for all other workplace collaboration tools, including Slack, Zoom, and Yammer, from an intuitive centralized dashboard.

Final thoughts

Collaboration tools are essential for businesses in a remote and hybrid world of work, and Microsoft Teams provides numerous business benefits. However, Teams does have some security weaknesses and blind spots that organizations must address to secure their digital workplace. By implementing security best practices, educating end users, and deploying human-centric AI analysis from Aware, businesses can harness the full potential of Microsoft Teams while maintaining a secure environment for their sensitive information.
