Teams Security Baselines: Contact with Skype Users
Spending 10 minutes or less will help your M365 environment be a little more secure
In Oct. 2022, CISA released a document called Microsoft Teams: M365 Minimum Viable Secure Configuration Baseline. This document outlines 13 steps to take to raise your Microsoft Teams environment to a minimum viable security posture. In this series, we’ll take a look at these 13 steps over a series of articles.
Baseline 6: Skype User Access
This baseline reads “Contact with Skype Users SHALL be Blocked.”
What is it?
Skype for Business was retired in July 2021 and is no longer supported by Microsoft.
Why is it bad?
While not inherently bad, the limitations and degraded user experience due to Skype’s deprecation, coupled with the lack of support from Microsoft, could lead to issues.
What should you know before enforcement?
Users who are still using Skype for Business should already have the option of using Teams, which has more available features and support, so leaving Skype for Business is a win-win.
How do you enforce it?
Login to the Teams Admin Center (teams.cmd.ms) and navigate to Users —> External Access and scroll down to “Skype Users.” Set the toggle for “Allow users in my organization to communicate with Skype users” to OFF.
Resources:
Communicate with Skype Users | Microsoft Docs
Skype for Business Online to Be Retired in 2021 | Microsoft Teams Blog
Note: The articles in the Security Baselines series aren’t being sent via the subscriber emails. Once the series is complete, I’ll be publishing a single article with links to all of the articles in the series.