Security Baselines for Microsoft Teams
13 Settings You Can Configure to Up the Security of Your Teams Environment
In Oct. 2022, CISA released a document called Microsoft Teams: M365 Minimum Viable Secure Configuration Baseline. This publication outlines 13 steps to take to raise your Microsoft Teams environment to a minimum viable security posture. In this series, we take a look at these 13 steps over a series of articles. Each baseline contains one prescriptive action that can be taken to help shore up the security of your Teams environment. All the standard disclaimers of practicing in a test environment before pushing to production apply, but many of these configurations are a single toggle to configure. Topics range from rights for external users to cloud recording to malware scanning.
Each of these articles uses the CISA baseline document as a starting point, but then includes additional details, updated click-paths where necessary, and screenshots where helpful.
1: Disabling Control Requests from External Users
2: Prevent Anonymous Users from Starting Meetings
3: Automatic Meeting Admittance
9: Cloud Recording for Unapproved Users
12: Malware Scanning
13: Protected Links