With the massive growth in online meting usage due to world events, online meeting security and best practices have been making headline news.
Here are 4 features and changes coming to Microsoft Teams to further enhance security.
Default to lobby for external and PSTN meeting joiners
Microsoft Teams has a lobby function. Today it is disabled by default, and per meeting, organizers can choose to enable it in meeting options
Each Microsoft Teams meeting has a unique complex URL, so the likelihood of random external people finding the meeting and joining is pretty low. Even so, Microsoft is changing the global default to put external (none organization/tenant users) into the lobby and having a meeting organizer admit them. Meaning, by default, external users joining via the Teams client or PSTN will have to be admitted to the meeting
Admins can choose to change this in the global Teams meeting policies.
Option to set a default policy for “Who can present” in Teams meetings
The default in Microsoft Teams meetings is that anyone (“everyone”) can present. Tenant admins will now be able to set a new default policy for who can present. The default value is set to “everyone” but can be updated via PowerShell:
- Set-CsTeamsMeetingPolicy -Identity Global -DesignatedPresenterRoleMode”Insert Value”
- Values: OrganizerOnlyUserOverride, EveryoneInCompanyUserOverride, EveryoneUserOverride
All options allow the person scheduling to override them, they are just the defaults.
Hiding PSTN joiners phone numbers from other external users
In the Microsoft Teams organization/internal users (part of the tenant) can see the full phone numbers of meeting attendees joining via PSTN audio conferencing. In a new update, external users (anonymous, federated and non-federated) will now only see the first 2 and last 2 digits of the phone number of a PSTN dialled-in participant.
Block user changing their profile pictures in Microsoft Teams
Not specific to meetings. Teams Web and Desktop experience now recognize the Outlook on the web mailbox policy setting that controls whether users can change their profile pictures. Configured by tenant admin, this policy setting helps tenants promote a safer work or school environment by preventing inappropriate content from being used in profile pictures.
If the -setPhotoEnabled parameter is turned off (set to $false) in the policy, users can’t add, change, or remove their profile pictures.