Microsoft Teams users can now chat with any Teams user outside their organizatio...
source link: https://techcommunity.microsoft.com/t5/microsoft-teams-blog/microsoft-teams-users-can-now-chat-with-any-teams-user-outside/ba-p/3070832?WT_mc_id=DOP-MVP-4025064
Go to the source link to view the article. You can view the picture content, updated content and better typesetting reading experience. If the link is broken, please click the button below to view the snapshot at that time.
Microsoft Teams users can now chat with any Teams user outside their organization
Seamlessly collaborate with external customers and partners within the safety and security of your trusted Teams workspace.
It takes a lot of communication to make your business run—collaboration with coworkers, sharing with partners, follow ups with vendors, and outreach to customers. Microsoft Teams offers secure solutions to collaborate with external parties, and with Microsoft Teams Connect we are making it even easier to work with anyone outside your organization. Teams empowers commercial users to chat with commercial users in other organizations. Building on this, we are enabling you to chat with team members outside your organization, even if they are using a Teams personal account. These accounts are frequently used by SMB and therefore this new capability helps you strengthen the relationship with external partners.
As previously announced at Ignite, you can invite any Teams user to chat by entering the full email address or phone number you want to reach and start a 1:1 or group chat with anyone with a Microsoft personal account, no tenant switching required. All while giving IT admins and Microsoft personal account Teams users a range of controls and tools to ensure security. This new capability is rolling out now.
Getting started Chatting with external users without needing to switch tenants enables you to get the results that you need faster. Let’s take a closer look into how it works.
Depending on the administrative settings of your organization and of the Teams personal account user:
Starting a chat with a Teams personal account users:
IT admins have granular tools to control external accessWhen it comes to enabling external access for your organization, IT admins have control over the access level they choose. Below are the controls available in the admin center for Teams accounts not managed by an organization:
Use the toggle and checkbox to control whether people in your organization can communicate with Teams users whose accounts aren’t managed by an organization.
You can also opt out individual users—for example, members of your executive team—from receiving communication requests from external users by creating a policy using PowerShell commands and then assigning the policy to those individuals. Learn more.
Keep in mind that the default setting is on, so if you want to disable external access for your organization, you must opt out.
Protecting users throughout your organizationMicrosoft deeply values end user privacy, security, and governance. The ability to chat with external users is built on the Microsoft 365 hyper-scale, enterprise-grade cloud, delivering the advanced security and compliance capabilities our customers expect. While Teams is an open communication platform, it offers admins a range of control and tools to meet their specific security needs. It also ensures that users know when they are chatting with people from other organizations.
Like existing functionality that allows users to chat with external organizations, admins can disable chat with Teams accounts not managed by an organization in the admin portal. Even once enabled, Teams end users are protected by:
End users are not shown messages unless they click to preview, are reminded of the risks of external chat, and are asked to explicitly accept or block the message request.
Ready to get started?Today, collaboration across organizational boundaries is the norm. Now you can chat with any Teams user in real-time. To learn more or get started, check out these helpful resources: Add or invite people outside your Teams org to a chat and Manage external access in Microsoft Teams.
Jan 26 2022 10:49 PM
Jan 27 2022 12:32 AM
@Chris_LeTexier DLP work in external access chat (federation) just not consumer external access chats.
@ITEric Shared channels on it's way, later Q1 Shared channels roadmap
@Markus Johansson Good questions mate. I will answer as how I believe it will work (the authors can perhaps add more details).
1) I suppose the built-in M365 security features processing information will take care of that, such as the mentioned "spam checker". It would also mean that the affected user has accepted that conversation invite. As of today, from what I can tell, it has to be the user blocking the conversation from the chat window or possibly the "spam checker" taking care of that.
2) Nothing I've heard of. The easiest way would probably be for the user to block and hide that chat (soon also delete that chat). You could use a retention policy, but as far as I know there's no way of targeting that particular consumer conversation.
3) The "shared file" is simply a link to the consumer personal OneDrive so if your subscription is eligible for Safe-Links you have the real-time URL scanning on top of the built-in security features working in the background. But for the Teams Safe-Link feature to take action on the link it would have to be added to list where it does its checking. If a user would go and download that shared file from the personal OneDrive, such as "Download a copy", you probably already have endpoint features looking at that, and perhaps even the Safe Documents feature.
1) I haven't found any such tools or views for admins (doesn't mean it doesn't exist). If the recipient don't want to engage they don't have to accept and can simply block the external account, before or after the user selects "preview message".
2) Nothing in audit log activities from what I can tell, but saw all the consumer chat messages using content search. The results only shows the sender and the message, nothing else. Btw, (a lot of edits now haha) the message will turn up in content search regardless of user accepting or not.
Jan 27 2022 06:03 AM
Jan 27 2022 07:29 AM
I love this feature and am excited to share the news about it. Though, I too am looking at the DLP implications here. My tests show that sensitive info is able to get out in a private chat with someone outside my org. When I tried to share the same sensitive info within a 1:1 chat or channel inside my tenant, the info was blocked with DLP. I'll need to continue to evaluate, but I am encouraged.*EDIT - I just saw this in the more things to know: "Data-loss prevention (DLP) and information barriers don't apply to External Access chats."
Jan 27 2022 08:34 AM
Jan 27 2022 01:51 PM
Jan 27 2022 04:16 PM
Jan 28 2022 11:06 AM
Jan 28 2022 11:19 AM
@TheITDude1 your a dinosaur (you asked...)
I dont disagree this is one more vector to police but security is a balance between usability and accessibility. Perhaps if your a bank, healthcare, or government you need to turn it off, but most will find it way easier to collaborate. These chats come in labeled as external and need to be accepted vs normal chats. We have to do better about educating our users, just disabling features will only give people the impression of IT being out of touch and lose trust for IT. That trust is what powers us to help users navigate todays challenges not yesterdays.
Jan 28 2022 03:12 PM
@ITEric haha. Maybe I should have worded the "dinosaur" part differently.
I get the usability and such, but... The labeling as external to me is pointless. Firstly, there will be impersonation, and secondly, users may pay attention at the beginning but after they're used to it, they'll just click. Emails at least get better filtering. This is gonna be a direct connection to a user's computer without any checks, other than maybe the workstation's security software, but I don't think it's bulletproof by a long stretch.
My users are educated in not clicking on links or attachments and still every once in a while they do, and when I reprimand them, they say "yeah, I was busy, on the phone, juggling five different things, I didn't think about it".
I guess if they start asking for it, I may re-evaluate. For the time being, is a no for me.
Jan 28 2022 11:52 PM
Jan 29 2022 04:17 AM
Fair enough, the only other thing I think I can mention is that any modern security approach has to be defense in depth. Meaning, dont rely on any one thing. Sure the external banners are not a strong protection but you should have other things to catch the slack like for example MFA. In my company creds are practically useless since MFA is required for everything. Sure that isnt fool proof as someone can spoof a MFA portal and proxy responses but then you add in Azure AD's logon risk scores (we block all high risk sign ins) which is another layer of our security lasagna of which there are many more. Modern IT management and security has never been more of a challenge, we have to find ways to be open and secure. I guess this isnt new but the amount of open is far greater then it used to be. Good discussion in any event, nice talking with you.
Jan 29 2022 11:39 PM
Spam checks: prior to an explicit ‘accept’, every message sent by a Teams personal account goes through runtime spam checks. If spam is detected, the chat message is not delivered
Where can I as an Admin see that this happens, from both a troubleshooting perspective as well as trend analysis? Would users be able to preview a message and submit as Spam to improve the filter (false negative) and would this be visible for Admins as an User Submission?
End users are not shown messages unless they click to preview, are reminded of the risks of external chat, and are asked to explicitly accept or block the message request.
Can I see the audit event that a user accepted the chat and when will the chat become visible in eDiscovery (always or only after accepting?)
Jan 31 2022 10:00 AM
@ITEric "security lasagna" - hahaha. That's a good one, first time I hear it.
Yeah, totally, we have to put as many security measures in place as we can, that's why I'm not crazy about this.
We just now implemented MFA. A little late, yes. I fail to see how MFA could stop any misuse of this new Teams feature, though.
I'm also troubleshooting with my provider, Okta, the fact that MFA does not work at all for desktop Microsoft applications, but that's a matter for a different conversation.
About spoofing a MFA portal - except for desktop apps, if my users go web-based they (we) need to accept the authenticator challenge. I see that as pretty bullet proof. Hopefully...
I am not leveraging Azure AD at all. I should, I guess.
Remember the times when everyone was in the office and all traffic would go through a solid firewall? Those were the times. Ha.
Nice talking with you too!
Jan 31 2022 01:43 PM
I see the biggest vector for attack from this to be a attacker pretending to me a IT staffer and asking for credentials. MFA makes those creds useless (mostly). I would also recommend as part of the lasagna to make sure you disable the ability for external people to remote control internal users via teams.
On the MFA thing, it has been done in targeted attacks, a portal that looks like Azure AD or Okta (or other SSO provider) so that the user goes there, gets prompted, the answer is then provided to the attacker who then goes to the real logon portal with the OTP.
As a side note, we don't use 3rd party SSO, we are pure Azure AD and loving it. From Azure AD Proxy for internal apps, to SAML SSO agreements for external. That plus the protections of Azure AD Security AI for risky sign ins. If your struggling with Okta for some on-prem web apps, check out Azure AD proxy.
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.
%3CLINGO-SUB%20id%3D%22lingo-sub-3070832%22%20slang%3D%22en-US%22%3EMicrosoft%20Teams%20users%20can%20now%20chat%20with%20any%20Teams%20user%20outside%20their%20organization%3C%2FLINGO-SUB%3E%3CLINGO-BODY%20id%3D%22lingo-body-3070832%22%20slang%3D%22en-US%22%3E%3CP%3E%3CEM%3ESeamlessly%20collaborate%20with%20external%20customers%20and%20partners%20within%20the%20safety%20and%20security%20of%20your%20trusted%20Teams%20workspace.%3C%2FEM%3E%3C%2FP%3E%0A%3CP%3E%3CBR%20%2F%3EIt%20takes%20a%20lot%20of%20communication%20to%20make%20your%20business%20run%E2%80%94collaboration%20with%20coworkers%2C%20sharing%20with%20partners%2C%20follow%20ups%20with%20vendors%2C%20and%20outreach%20to%20customers.%20Microsoft%20Teams%20offers%20secure%20solutions%20to%20collaborate%20with%20external%20parties%2C%20and%20with%20Microsoft%20Teams%20Connect%20we%20are%20making%20it%20even%20easier%20to%20work%20with%20anyone%20outside%20your%20organization.%20Teams%20empowers%20commercial%20users%20to%20chat%20with%20commercial%20users%20in%20other%20organizations.%20Building%20on%20this%2C%20we%20are%20enabling%20you%20to%20chat%20with%20team%20members%20outside%20your%20organization%2C%20even%20if%20they%20are%20using%20a%20Teams%20personal%20account.%20These%20accounts%20are%20frequently%20used%20by%20SMB%20and%20therefore%20this%20new%20capability%20helps%20you%20strengthen%20the%20relationship%20with%20external%20partners.%3C%2FP%3E%0A%3CP%3E%3CBR%20%2F%3EAs%20previously%20%3CA%20href%3D%22https%3A%2F%2Ftechcommunity.microsoft.com%2Ft5%2Fmicrosoft-teams-blog%2Fmicrosoft-ignite-fall-2021-innovations-coming-to-microsoft-teams%2Fba-p%2F2824127%22%20target%3D%22_blank%22%3Eannounced%20at%20Ignite%3C%2FA%3E%2C%20you%20can%20invite%20any%20Teams%20user%20to%20chat%20by%20entering%20the%20full%20email%20address%20or%20phone%20number%20you%20want%20to%20reach%20and%20start%20a%201%3A1%20or%20group%20chat%20with%20anyone%20with%20a%20Microsoft%20personal%20account%2C%20no%20tenant%20switching%20required.%20All%20while%20giving%20IT%20admins%20and%20Microsoft%20personal%20account%20Teams%20users%20a%20range%20of%20controls%20and%20tools%20to%20ensure%20security.%20This%20new%20capability%20is%20rolling%20out%20now.%3C%2FP%3E%0A%3CP%3E%3CIMG%20src%3D%22https%3A%2F%2Fcdn.techcommunity.microsoft.com%2Fassets%2FMicrosoftTeams%2Fchat.gif%22%20border%3D%220%22%20width%3D%22990%22%20%2F%3E%3C%2FP%3E%0A%3CP%3E%26nbsp%3B%3C%2FP%3E%0A%3CP%3E%3CSTRONG%3EGetting%20started%3C%2FSTRONG%3E%20%3CBR%20%2F%3EChatting%20with%20external%20users%20without%20needing%20to%20switch%20tenants%20enables%20you%20to%20get%20the%20results%20that%20you%20need%20faster.%20Let%E2%80%99s%20take%20a%20closer%20look%20into%20how%20it%20works.%3C%2FP%3E%0A%3CP%3E%3CBR%20%2F%3EDepending%20on%20the%20administrative%20settings%20of%20your%20organization%20and%20of%20the%20Teams%20personal%20account%20user%3A%3C%2FP%3E%0A%3CUL%3E%0A%3CLI%3EStart%20conversations%20with%20external%20Teams%20personal%20account%20users.%3C%2FLI%3E%0A%3CLI%3EExternal%20Teams%20personal%20account%20users%20can%20start%20conversations%20with%20Teams%20at%20work%20users.%3C%2FLI%3E%0A%3C%2FUL%3E%0A%3CP%3EStarting%20a%20chat%20with%20a%20Teams%20personal%20account%20users%3A%3C%2FP%3E%0A%3CUL%3E%0A%3CLI%3ETeams%20users%20managed%20by%20an%20organization%20can%20invite%20Teams%20personal%20account%20users%20they%20want%20to%20chat%20with%20by%20entering%20the%20full%20email%20address%20or%20phone%20number.%20Teams%20personal%20users%20can%20enter%20the%20exact%20organizational%20email%20address%20of%20the%20user%20they%20want%20to%20reach%20and%20attempt%20to%20start%20a%20chat.%3C%2FLI%3E%0A%3CLI%3EIf%20the%20person%20you%20want%20to%20chat%20with%20is%20not%20a%20Teams%20user%20already%2C%20they%20will%20receive%20an%20email%20or%20a%20text%20message%20inviting%20them%20to%20join%20the%20conversation%20using%20a%20personal%20account.%20When%20they%20register%20and%20sign-in%20to%20their%20Teams%20personal%20account%2C%20they%E2%80%99ll%20be%20able%20to%20join%20the%20chat.%3C%2FLI%3E%0A%3CLI%3EOnce%20the%20person%20you%20invited%20accepts%20the%20invitation%2C%20you%20can%20start%20a%20new%201%3A1%20or%20group%20chat%20or%20even%20add%20them%20to%20an%20existing%20external%20group%20chat.%20This%20chat%20thread%20will%20appear%20alongside%20your%20other%20chats%2C%20no%20tenant%20switching%20is%20required%20to%20view%20the%20chat.%3C%2FLI%3E%0A%3CLI%3EExpress%20yourself%2C%20as%20a%20part%20of%20your%20chat%2C%20you%20can%20send%20and%20receive%20rich%20messages%2C%20GIFs%2C%20and%20media.%3C%2FLI%3E%0A%3CLI%3EBe%20only%20in%20the%20conversations%20you%20want%20to%20be%20in.%20You%20can%20block%20messages%20from%20external%20users%20or%20leave%20a%20group%20chat.%3C%2FLI%3E%0A%3CLI%3ETeams%20users%20managed%20by%20an%20organization%20and%20Teams%20personal%20account%20users%20have%20the%20option%20to%20decline%20external%20invitation.%20One%20can%20message%20an%20external%20user%20up%20to%2010%20times%20before%20they%20accept%2C%20but%20if%20the%20message%20is%20not%20accepted%20after%2010%20messages%2C%20you%20won%E2%80%99t%20be%20able%20to%20send%20additional%20messages%20to%20this%20user.%3C%2FLI%3E%0A%3C%2FUL%3E%0A%3CP%3E%3CSTRONG%3EIT%20admins%20have%20granular%20tools%20to%20control%20external%20access%3C%2FSTRONG%3E%3CBR%20%2F%3EWhen%20it%20comes%20to%20enabling%20external%20access%20for%20your%20organization%2C%20IT%20admins%20have%20control%20over%20the%20access%20level%20they%20choose.%20Below%20are%20the%20controls%20available%20in%20the%20admin%20center%20for%20Teams%20accounts%20not%20managed%20by%20an%20organization%3A%3C%2FP%3E%0A%3CUL%3E%0A%3CLI%3E%3CEM%3EOutbound%20chat%3C%2FEM%3E%3A%20enable%2Fdisable%20users%20in%20the%20organization%20to%20initiate%20a%20chat%20with%20external%20Teams%20personal%20accounts%20users%20(e.g.%20users%20who%20are%20not%20invited%20guests%20through%20Azure%20AD%20B2B%20collaboration).%20(Enabled%20by%20default)%3C%2FLI%3E%0A%3CLI%3E%3CEM%3EInbound%20chat%3C%2FEM%3E%3A%20enable%2Fdisable%20external%20users%20with%20Teams%20accounts%20not%20managed%20by%20an%20organization%20to%20initiate%20a%20chat%20with%20your%20users.%20(Enabled%20by%20default)%3C%2FLI%3E%0A%3C%2FUL%3E%0A%3CP%3E%3CSPAN%20class%3D%22lia-inline-image-display-wrapper%20lia-image-align-inline%22%20image-alt%3D%22external%20access.png%22%20style%3D%22width%3A%20999px%3B%22%3E%3CIMG%20src%3D%22https%3A%2F%2Ftechcommunity.microsoft.com%2Ft5%2Fimage%2Fserverpage%2Fimage-id%2F342094i69C4F6E748F915F9%2Fimage-size%2Flarge%3Fv%3Dv2%26amp%3Bpx%3D999%22%20role%3D%22button%22%20title%3D%22external%20access.png%22%20alt%3D%22external%20access.png%22%20%2F%3E%3C%2FSPAN%3E%3C%2FP%3E%0A%3CP%3E%26nbsp%3B%3C%2FP%3E%0A%3CP%3EUse%20the%20toggle%20and%20checkbox%20to%20control%20whether%20people%20in%20your%20organization%20can%20communicate%20with%20Teams%20users%20whose%20accounts%20aren%E2%80%99t%20managed%20by%20an%20organization.%3C%2FP%3E%0A%3CP%3E%26nbsp%3B%3C%2FP%3E%0A%3CP%3EYou%20can%20also%20opt%20out%20individual%20users%E2%80%94for%20example%2C%20members%20of%20your%20executive%20team%E2%80%94from%20receiving%20communication%20requests%20from%20external%20users%20by%20creating%20a%20policy%20using%20PowerShell%20commands%20and%20then%20assigning%20the%20policy%20to%20those%20individuals.%20%3CA%20href%3D%22https%3A%2F%2Fdocs.microsoft.com%2Fen-us%2Fmicrosoftteams%2Fmanage-external-access%23limit-external-access-to-specific-people%22%20target%3D%22_blank%22%20rel%3D%22noopener%20noreferrer%22%3ELearn%20more%3C%2FA%3E.%3C%2FP%3E%0A%3CP%3E%3CBR%20%2F%3EKeep%20in%20mind%20that%20the%20default%20setting%20is%20on%2C%20so%20if%20you%20want%20to%20disable%20external%20access%20for%20your%20organization%2C%20you%20must%20opt%20out.%3C%2FP%3E%0A%3CP%3E%26nbsp%3B%3C%2FP%3E%0A%3CP%3E%3CSTRONG%3EProtecting%20users%20throughout%20your%20organization%3C%2FSTRONG%3E%3CBR%20%2F%3EMicrosoft%20deeply%20values%20end%20user%20privacy%2C%20security%2C%20and%20governance.%20The%20ability%20to%20chat%20with%20external%20users%20is%20built%20on%20the%20Microsoft%20365%20hyper-scale%2C%20enterprise-grade%20cloud%2C%20delivering%20the%20advanced%20security%20and%20compliance%20capabilities%20our%20customers%20expect.%20While%20Teams%20is%20an%20open%20communication%20platform%2C%20it%20offers%20admins%20a%20range%20of%20control%20and%20tools%20to%20meet%20their%20specific%20security%20needs.%20It%20also%20ensures%20that%20users%20know%20when%20they%20are%20chatting%20with%20people%20from%20other%20organizations.%3C%2FP%3E%0A%3CP%3E%3CBR%20%2F%3ELike%20existing%20functionality%20that%20allows%20users%20to%20chat%20with%20external%20organizations%2C%20admins%20can%20disable%20chat%20with%20Teams%20accounts%20not%20managed%20by%20an%20organization%20in%20the%20admin%20portal.%20Even%20once%20enabled%2C%20Teams%20end%20users%20are%20protected%20by%3A%3C%2FP%3E%0A%3CUL%3E%0A%3CLI%3E%3CEM%3EExplicit%20opt-in%3C%2FEM%3E%3A%20end%20users%20are%20not%20shown%20messages%20unless%20they%20click%20to%20preview%2C%20are%20reminded%20of%20the%20risks%20of%20external%20chat%2C%20and%20are%20asked%20to%20explicitly%20accept%20or%20block%20the%20message%20request.%3C%2FLI%3E%0A%3CLI%3E%3CEM%3EExternal%20badging%3C%2FEM%3E%3A%20visible%20in%20both%20the%20chat%20list%20and%20chat%20header.%3C%2FLI%3E%0A%3CLI%3E%3CEM%3ESpam%20checks%3C%2FEM%3E%3A%20prior%20to%20an%20explicit%20%E2%80%98accept%E2%80%99%2C%20every%20message%20sent%20by%20a%20Teams%20personal%20account%20goes%20through%20runtime%20spam%20checks.%20If%20spam%20is%20detected%2C%20the%20chat%20message%20is%20not%20delivered.%3C%2FLI%3E%0A%3CLI%3E%3CEM%3EMessage%20limits%3C%2FEM%3E%3A%20messages%20prior%20to%20an%20explicit%20%E2%80%98accept%E2%80%99%20are%20limited%20to%2010.%20Additional%20messages%20are%20not%20delivered.%3C%2FLI%3E%0A%3CLI%3E%3CEM%3EAdmin%20controls%3C%2FEM%3E%3A%20robust%20controls%20at%20the%20tenant%20and%20user-level%20govern%20external%20access%20scenarios.%3C%2FLI%3E%0A%3CLI%3E%3CEM%3EUser%E2%80%99s%20security%3C%2FEM%3E%3A%20to%20help%20protect%20the%20user%2C%20we%20only%20display%20the%20name%20and%20email%20address%2C%20but%20no%20other%20identifiers%20like%20profile%20pictures.%3C%2FLI%3E%0A%3CLI%3ETeams%20personal%20account%20users%20can%20manage%20their%20discoverability%20in%20their%20settings%20menu%20and%20opt%20out%20from%20being%20discoverable%20by%20other%20Teams%20users.%3C%2FLI%3E%0A%3C%2FUL%3E%0A%3CP%3E%3CSPAN%20class%3D%22lia-inline-image-display-wrapper%20lia-image-align-inline%22%20image-alt%3D%22End%20users%20are%20not%20shown%20messages%20unless%20they%20click%20to%20preview%2C%20are%20reminded%20of%20the%20risks%20of%20external%20chat%2C%20and%20are%20asked%20to%20explicitly%20accept%20or%20block%20the%20message%20request.%22%20style%3D%22width%3A%20999px%3B%22%3E%3CIMG%20src%3D%22https%3A%2F%2Ftechcommunity.microsoft.com%2Ft5%2Fimage%2Fserverpage%2Fimage-id%2F342095i0D338643AC96DC2E%2Fimage-size%2Flarge%3Fv%3Dv2%26amp%3Bpx%3D999%22%20role%3D%22button%22%20title%3D%22accept%20message.png%22%20alt%3D%22End%20users%20are%20not%20shown%20messages%20unless%20they%20click%20to%20preview%2C%20are%20reminded%20of%20the%20risks%20of%20external%20chat%2C%20and%20are%20asked%20to%20explicitly%20accept%20or%20block%20the%20message%20request.%22%20%2F%3E%3CSPAN%20class%3D%22lia-inline-image-caption%22%20onclick%3D%22event.preventDefault()%3B%22%3EEnd%20users%20are%20not%20shown%20messages%20unless%20they%20click%20to%20preview%2C%20are%20reminded%20of%20the%20risks%20of%20external%20chat%2C%20and%20are%20asked%20to%20explicitly%20accept%20or%20block%20the%20message%20request.%3C%2FSPAN%3E%3C%2FSPAN%3E%3C%2FP%3E%0A%3CP%3E%3CBR%20%2F%3E%3CSTRONG%3EReady%20to%20get%20started%3F%3C%2FSTRONG%3E%3CBR%20%2F%3EToday%2C%20collaboration%20across%20organizational%20boundaries%20is%20the%20norm.%20Now%20you%20can%20chat%20with%20any%20Teams%20user%20in%20real-time.%20To%20learn%20more%20or%20get%20started%2C%20check%20out%20these%20helpful%20resources%3A%20%3CA%20href%3D%22https%3A%2F%2Fsupport.microsoft.com%2Fen-us%2Foffice%2Fadd-or-invite-people-outside-your-teams-org-to-a-chat-6897ab47-9f60-4db6-8b95-18599714fe57%22%20target%3D%22_blank%22%20rel%3D%22noopener%20noreferrer%22%3EAdd%20or%20invite%20people%20outside%20your%20Teams%20org%20to%20a%20chat%3C%2FA%3E%20and%20%3CA%20href%3D%22https%3A%2F%2Fdocs.microsoft.com%2Fen-us%2Fmicrosoftteams%2Fmanage-external-access%22%20target%3D%22_blank%22%20rel%3D%22noopener%20noreferrer%22%3EManage%20external%20access%20in%20Microsoft%20Teams%3C%2FA%3E.%3C%2FP%3E%3C%2FLINGO-BODY%3E%3CLINGO-TEASER%20id%3D%22lingo-teaser-3070832%22%20slang%3D%22en-US%22%3E%3CP%3EIt%20takes%20a%20lot%20of%20communication%20to%20make%20your%20business%20run%E2%80%94collaboration%20with%20coworkers%2C%20sharing%20with%20partners%2C%20follow%20ups%20with%20vendors%2C%20and%20outreach%20to%20customers.%20Microsoft%20Teams%20offers%20secure%20solutions%20to%20collaborate%20with%20external%20parties%2C%20and%20with%20Microsoft%20Teams%20Connect%20we%20are%20making%20it%20even%20easier%20to%20work%20with%20anyone%20outside%20your%20organization.%20Teams%20empowers%20commercial%20users%20to%20chat%20with%20commercial%20users%20in%20other%20organizations.%20Building%20on%20this%2C%20we%20are%20enabling%20you%20to%20chat%20with%20team%20members%20outside%20your%20organization%2C%20even%20if%20they%20are%20using%20a%20Teams%20personal%20account.%20These%20accounts%20are%20frequently%20used%20by%20SMB%20and%20therefore%20this%20new%20capability%20helps%20you%20strengthen%20the%20relationship%20with%20external%20partners.%3C%2FP%3E%3C%2FLINGO-TEASER%3E%3CLINGO-LABS%20id%3D%22lingo-labs-3070832%22%20slang%3D%22en-US%22%3E%3CLINGO-LABEL%3EMicrosoft%20Teams%3C%2FLINGO-LABEL%3E%3C%2FLINGO-LABS%3E%3CLINGO-SUB%20id%3D%22lingo-sub-3073912%22%20slang%3D%22en-US%22%3ERe%3A%20Microsoft%20Teams%20users%20can%20now%20chat%20with%20any%20Teams%20user%20outside%20their%20organization%3C%2FLINGO-SUB%3E%3CLINGO-BODY%20id%3D%22lingo-body-3073912%22%20slang%3D%22en-US%22%3E%3CP%3EAll%20in%20all%20I%20think%20this%20is%20a%20rather%20positive%20step%20forward.%20As%20the%20Teams%20Administrator%20for%20my%20company%20its%20super%20painful%20trying%20to%20explain%20how%20external%20interactions%20may%20or%20may%20not%20work.%20This%20doesn't%20solve%20the%20B2B%20problems%20per%20say%20but%20at%20least%20it%20shows%20your%20working%20on%20it.%20You%20need%20to%20get%20rid%20of%20org-switching%20entirely%20and%20I%20hope%20thats%20in%20the%20works.%20Also%20what%20happened%20to%20external%20channels%3F%20Did%20that%20die%20on%20the%20vine%3F%26nbsp%3B%3C%2FP%3E%3C%2FLINGO-BODY%3E%3CLINGO-SUB%20id%3D%22lingo-sub-3073996%22%20slang%3D%22en-US%22%3ERe%3A%20Microsoft%20Teams%20users%20can%20now%20chat%20with%20any%20Teams%20user%20outside%20their%20organization%3C%2FLINGO-SUB%3E%3CLINGO-BODY%20id%3D%22lingo-body-3073996%22%20slang%3D%22en-US%22%3E%3CP%3EI%20love%20this%20feature%20and%20am%20excited%20to%20share%20the%20news%20about%20it.%26nbsp%3B%20Though%2C%20I%20too%20am%20looking%20at%20the%20DLP%20implications%20here.%26nbsp%3B%20My%20tests%20show%20that%20sensitive%20info%20is%20able%20to%20get%20out%20in%20a%20private%20chat%20with%20someone%20outside%20my%20org.%20When%20I%20tried%20to%20share%20the%20same%20sensitive%20info%20within%20a%201%3A1%20chat%20or%20channel%20inside%20my%20tenant%2C%20the%20info%20was%20blocked%20with%20DLP.%26nbsp%3B%20I'll%20need%20to%20continue%20to%20evaluate%2C%20but%20I%20am%20encouraged.%3CBR%20%2F%3E%3CBR%20%2F%3E%3CSTRONG%3E*EDIT%3C%2FSTRONG%3E%20-%20I%20just%20saw%20this%20in%20the%20%3CA%20href%3D%22https%3A%2F%2Fsupport.microsoft.com%2Fen-us%2Foffice%2Fadd-or-invite-people-outside-your-teams-org-to-a-chat-6897ab47-9f60-4db6-8b95-18599714fe57%22%20target%3D%22_self%22%20rel%3D%22noopener%20noreferrer%22%3Emore%20things%20to%20know%3C%2FA%3E%3A%20%22Data-loss%20prevention%20(DLP)%26nbsp%3B%3CSPAN%3E%26nbsp%3B%3C%2FSPAN%3Eand%3CSPAN%3E%26nbsp%3B%3C%2FSPAN%3Einformation%20barriers%26nbsp%3B%3CSPAN%3E%26nbsp%3B%3C%2FSPAN%3Edon't%20apply%20to%20External%20Access%20chats.%22%3C%2FP%3E%3C%2FLINGO-BODY%3E%3CLINGO-SUB%20id%3D%22lingo-sub-3074096%22%20slang%3D%22en-US%22%3ERe%3A%20Microsoft%20Teams%20users%20can%20now%20chat%20with%20any%20Teams%20user%20outside%20their%20organization%3C%2FLINGO-SUB%3E%3CLINGO-BODY%20id%3D%22lingo-body-3074096%22%20slang%3D%22en-US%22%3E%3CP%3EAvailable%20in%20GCC%3F%3C%2FP%3E%3C%2FLINGO-BODY%3E%3CLINGO-SUB%20id%3D%22lingo-sub-3074575%22%20slang%3D%22en-US%22%3ERe%3A%20Microsoft%20Teams%20users%20can%20now%20chat%20with%20any%20Teams%20user%20outside%20their%20organization%3C%2FLINGO-SUB%3E%3CLINGO-BODY%20id%3D%22lingo-body-3074575%22%20slang%3D%22en-US%22%3E%3CP%3ETo%20know%20I%20have%20got%20a%20message%20from%20Teams%2C%20my%20colleagues%20must%20text%20me%20on%20WhatsApp%20or%20messenger%20to%20tell%20me%3A%22please%20check%20your%20Team's%22%26nbsp%3B%3C%2FP%3E%3CP%3E%26nbsp%3B%3C%2FP%3E%3CP%3EThis%20is%20ridiculous.%20Teams%20is%20a%20good%20idea%20with%20bad%20implementation.%26nbsp%3B%3C%2FP%3E%3C%2FLINGO-BODY%3E%3CLINGO-SUB%20id%3D%22lingo-sub-3075896%22%20slang%3D%22en-US%22%3ERe%3A%20Microsoft%20Teams%20users%20can%20now%20chat%20with%20any%20Teams%20user%20outside%20their%20organization%3C%2FLINGO-SUB%3E%3CLINGO-BODY%20id%3D%22lingo-body-3075896%22%20slang%3D%22en-US%22%3E%3CP%3EAny%20information%20if%20and%20when%20this%20will%20work%20with%20non%20commercial%20organizations.%20Example%20were%20are%20in%20GCCHigh%20and%20can%20not%20communicate%20with%20any%20of%20out%20customers%20or%20partners.%20We%20have%20been%20requesting%20this.%3C%2FP%3E%3C%2FLINGO-BODY%3E%3CLINGO-SUB%20id%3D%22lingo-sub-3082239%22%20slang%3D%22en-US%22%3ERe%3A%20Microsoft%20Teams%20users%20can%20now%20chat%20with%20any%20Teams%20user%20outside%20their%20organization%3C%2FLINGO-SUB%3E%3CLINGO-BODY%20id%3D%22lingo-body-3082239%22%20slang%3D%22en-US%22%3E%3CP%3ENo%2C%20thank%20you.%20I%20just%20toggled%20%22Teams%20accounts%20not%20managed%20by%20an%20organization%22%20off.%3C%2FP%3E%3CP%3E%26nbsp%3B%3C%2FP%3E%3CP%3ECall%20me%20a%20dinosaur%2C%20but%20I%20think%20this%20is%20a%20recipe%20for%20disaster.%20We%20can't%20even%20control%20malicious%20emails%2C%20links%2C%20etec%2C%20as%20it%20is%2C%20the%20least%20that%20we%20need%20is%20this.%20Wait%20until%20hackers%20can%20impersonate%20org%20users.%26nbsp%3B%3C%2FP%3E%3C%2FLINGO-BODY%3E%3CLINGO-SUB%20id%3D%22lingo-sub-3082317%22%20slang%3D%22en-US%22%3ERe%3A%20Microsoft%20Teams%20users%20can%20now%20chat%20with%20any%20Teams%20user%20outside%20their%20organization%3C%2FLINGO-SUB%3E%3CLINGO-BODY%20id%3D%22lingo-body-3082317%22%20slang%3D%22en-US%22%3E%3CP%3E%3CA%20href%3D%22https%3A%2F%2Ftechcommunity.microsoft.com%2Ft5%2Fuser%2Fviewprofilepage%2Fuser-id%2F1021071%22%20target%3D%22_blank%22%3E%40TheITDude1%3C%2FA%3E%26nbsp%3Byour%20a%26nbsp%3B%3CSPAN%3Edinosaur%20(you%20asked...)%26nbsp%3B%3C%2FSPAN%3E%3C%2FP%3E%3CP%3E%26nbsp%3B%3C%2FP%3E%3CP%3E%3CSPAN%3EI%20dont%20disagree%20this%20is%20one%20more%20vector%20to%20police%20but%20security%20is%20a%20balance%20between%20usability%20and%20accessibility.%20Perhaps%20if%20your%20a%20bank%2C%20healthcare%2C%20or%20government%26nbsp%3Byou%20need%20to%20turn%20it%20off%2C%20but%20most%20will%20find%20it%20way%20easier%20to%20collaborate.%20These%20chats%20come%20in%20labeled%20as%20external%20and%20need%20to%20be%20accepted%20vs%20normal%20chats.%20We%20have%20to%20do%20better%20about%20educating%20our%20users%2C%20just%20disabling%20features%20will%20only%20give%20people%20the%20impression%20of%20IT%20being%20out%20of%20touch%20and%20lose%20trust%20for%20IT.%20That%20trust%20is%20what%20powers%20us%20to%20help%20users%20navigate%26nbsp%3Btodays%20challenges%20not%20yesterdays.%3C%2FSPAN%3E%3C%2FP%3E%3C%2FLINGO-BODY%3E%3CLINGO-SUB%20id%3D%22lingo-sub-3083662%22%20slang%3D%22en-US%22%3ERe%3A%20Microsoft%20Teams%20users%20can%20now%20chat%20with%20any%20Teams%20user%20outside%20their%20organization%3C%2FLINGO-SUB%3E%3CLINGO-BODY%20id%3D%22lingo-body-3083662%22%20slang%3D%22en-US%22%3E%3CP%3E%3CA%20href%3D%22https%3A%2F%2Ftechcommunity.microsoft.com%2Ft5%2Fuser%2Fviewprofilepage%2Fuser-id%2F454172%22%20target%3D%22_blank%22%3E%40ITEric%3C%2FA%3E%26nbsp%3Bhaha.%20Maybe%20I%20should%20have%20worded%20the%20%22dinosaur%22%20part%20differently.%3C%2FP%3E%3CP%3E%26nbsp%3B%3C%2FP%3E%3CP%3EI%20get%20the%20usability%20and%20such%2C%20but...%20The%20labeling%20as%20external%20to%20me%20is%20pointless.%20Firstly%2C%20there%20will%20be%20impersonation%2C%20and%20secondly%2C%20users%20may%20pay%20attention%20at%20the%20beginning%20but%20after%20they're%20used%20to%20it%2C%20they'll%20just%20click.%20Emails%20at%20least%20get%20better%20filtering.%20This%20is%20gonna%20be%20a%20direct%20connection%20to%20a%20user's%20computer%20without%20any%20checks%2C%20other%20than%20maybe%20the%20workstation's%20security%20software%2C%20but%20I%20don't%20think%20it's%20bulletproof%20by%20a%20long%20stretch.%26nbsp%3B%3C%2FP%3E%3CP%3E%26nbsp%3B%3C%2FP%3E%3CP%3EMy%20users%20are%20educated%20in%20not%20clicking%20on%20links%20or%20attachments%20and%20still%20every%20once%20in%20a%20while%20they%20do%2C%20and%20when%20I%20reprimand%20them%2C%20they%20say%20%22yeah%2C%20I%20was%20busy%2C%20on%20the%20phone%2C%20juggling%20five%20different%20things%2C%20I%20didn't%20think%20about%20it%22.%26nbsp%3B%3C%2FP%3E%3CP%3E%26nbsp%3B%3C%2FP%3E%3CP%3EI%20guess%20if%20they%20start%20asking%20for%20it%2C%20I%20may%20re-evaluate.%20For%20the%20time%20being%2C%20is%20a%20no%20for%20me.%3C%2FP%3E%3C%2FLINGO-BODY%3E%3CLINGO-SUB%20id%3D%22lingo-sub-3084781%22%20slang%3D%22en-US%22%3ERe%3A%20Microsoft%20Teams%20users%20can%20now%20chat%20with%20any%20Teams%20user%20outside%20their%20organization%3C%2FLINGO-SUB%3E%3CLINGO-BODY%20id%3D%22lingo-body-3084781%22%20slang%3D%22en-US%22%3E%3CP%3EA%20proof%20that%20MS%20is%20not%20customer%20oriented%E2%80%A6%20This%20should%20have%20been%20done%20months%20ago.%26nbsp%3B%3C%2FP%3E%3C%2FLINGO-BODY%3E%3CLINGO-SUB%20id%3D%22lingo-sub-3085452%22%20slang%3D%22en-US%22%3ERe%3A%20Microsoft%20Teams%20users%20can%20now%20chat%20with%20any%20Teams%20user%20outside%20their%20organization%3C%2FLINGO-SUB%3E%3CLINGO-BODY%20id%3D%22lingo-body-3085452%22%20slang%3D%22en-US%22%3E%3CP%3E%3CA%20href%3D%22https%3A%2F%2Ftechcommunity.microsoft.com%2Ft5%2Fuser%2Fviewprofilepage%2Fuser-id%2F1021071%22%20target%3D%22_blank%22%3E%40TheITDude1%3C%2FA%3E%2C%3C%2FP%3E%3CP%3E%26nbsp%3B%3C%2FP%3E%3CP%3EFair%20enough%2C%20the%20only%20other%20thing%20I%20think%20I%20can%20mention%20is%20that%20any%20modern%20security%20approach%20has%20to%20be%20defense%20in%20depth.%20Meaning%2C%20dont%20rely%20on%20any%20one%20thing.%20Sure%20the%20external%20banners%20are%20not%20a%20strong%20protection%20but%20you%20should%20have%20other%20things%20to%20catch%20the%20slack%20like%20for%20example%20MFA.%20In%20my%20company%20creds%20are%20practically%20useless%20since%20MFA%20is%20required%20for%20everything.%20Sure%20that%20isnt%20fool%20proof%20as%20someone%20can%20spoof%20a%20MFA%20portal%20and%20proxy%20responses%20but%20then%20you%20add%20in%20Azure%20AD's%20logon%20risk%20scores%20(we%20block%20all%20high%20risk%20sign%20ins)%20which%20is%20another%20layer%20of%20our%20security%20lasagna%20of%20which%20there%20are%20many%20more.%20Modern%20IT%20management%20and%20security%20has%20never%20been%20more%20of%20a%20challenge%2C%20we%20have%20to%20find%20ways%20to%20be%20open%20and%20secure.%20I%20guess%20this%20isnt%20new%20but%20the%20amount%20of%20open%20is%20far%20greater%20then%20it%20used%20to%20be.%20Good%20discussion%20in%20any%20event%2C%20nice%20talking%20with%20you.%3C%2FP%3E%3C%2FLINGO-BODY%3E%3CLINGO-SUB%20id%3D%22lingo-sub-3088331%22%20slang%3D%22en-US%22%3ERe%3A%20Microsoft%20Teams%20users%20can%20now%20chat%20with%20any%20Teams%20user%20outside%20their%20organization%3C%2FLINGO-SUB%3E%3CLINGO-BODY%20id%3D%22lingo-body-3088331%22%20slang%3D%22en-US%22%3E%3CBLOCKQUOTE%3E%3CP%3E%3CEM%3ESpam%20checks%3C%2FEM%3E%3CSPAN%3E%3A%20prior%20to%20an%20explicit%20%E2%80%98accept%E2%80%99%2C%20every%20message%20sent%20by%20a%20Teams%20personal%20account%20goes%20through%20runtime%20spam%20checks.%20If%20spam%20is%20detected%2C%20the%20chat%20message%20is%20not%20delivered%3C%2FSPAN%3E%3C%2FP%3E%3C%2FBLOCKQUOTE%3E%3CP%3E%3CSPAN%3EWhere%20can%20I%20as%20an%20Admin%20see%20that%20this%20happens%2C%20from%20both%20a%20troubleshooting%20perspective%20as%20well%20as%20trend%20analysis%3F%20Would%20users%20be%20able%20to%20preview%20a%20message%20and%20submit%20as%20Spam%20to%20improve%20the%20filter%20(false%20negative)%20and%20would%20this%20be%20visible%20for%20Admins%20as%20an%20User%20Submission%3F%3C%2FSPAN%3E%3C%2FP%3E%3CP%3E%26nbsp%3B%3C%2FP%3E%3CBLOCKQUOTE%3E%3CP%3E%3CSPAN%3EEnd%20users%20are%20not%20shown%20messages%20unless%20they%20click%20to%20preview%2C%20are%20reminded%20of%20the%20risks%20of%20external%20chat%2C%20and%20are%20asked%20to%20explicitly%20accept%20or%20block%20the%20message%20request.%3C%2FSPAN%3E%3C%2FP%3E%3C%2FBLOCKQUOTE%3E%3CP%3E%3CSPAN%3ECan%20I%20see%20the%20audit%20event%20that%20a%20user%20accepted%20the%20chat%20and%20when%20will%20the%20chat%20become%20visible%20in%20eDiscovery%20(always%20or%20only%20after%20accepting%3F)%3C%2FSPAN%3E%3C%2FP%3E%3C%2FLINGO-BODY%3E%3CLINGO-SUB%20id%3D%22lingo-sub-3073594%22%20slang%3D%22en-US%22%3ERe%3A%20Microsoft%20Teams%20users%20can%20now%20chat%20with%20any%20Teams%20user%20outside%20their%20organization%3C%2FLINGO-SUB%3E%3CLINGO-BODY%20id%3D%22lingo-body-3073594%22%20slang%3D%22en-US%22%3E%3CP%3E%3CA%20href%3D%22https%3A%2F%2Ftechcommunity.microsoft.com%2Ft5%2Fuser%2Fviewprofilepage%2Fuser-id%2F693073%22%20target%3D%22_blank%22%3E%40Chris_LeTexier%3C%2FA%3E%26nbsp%3BDLP%20work%20in%20external%20access%20chat%20(federation)%20just%20not%20%3CEM%3Econsumer%3C%2FEM%3E%20external%20access%20chats.%3C%2FP%3E%0A%3CP%3E%26nbsp%3B%3C%2FP%3E%0A%3CP%3E%3CA%20href%3D%22https%3A%2F%2Ftechcommunity.microsoft.com%2Ft5%2Fuser%2Fviewprofilepage%2Fuser-id%2F454172%22%20target%3D%22_blank%22%3E%40ITEric%3C%2FA%3E%26nbsp%3BShared%20channels%20on%20it's%20way%2C%20later%20Q1%26nbsp%3B%3CA%20href%3D%22https%3A%2F%2Fwww.microsoft.com%2Fen-us%2Fmicrosoft-365%2Froadmap%3Ffilters%3D%26amp%3Bsearchterms%3D70766%22%20target%3D%22_self%22%20rel%3D%22noopener%20noreferrer%22%3EShared%20channels%20roadmap%3C%2FA%3E%3C%2FP%3E%0A%3CP%3E%26nbsp%3B%3C%2FP%3E%0A%3CP%3E%3CA%20href%3D%22https%3A%2F%2Ftechcommunity.microsoft.com%2Ft5%2Fuser%2Fviewprofilepage%2Fuser-id%2F10963%22%20target%3D%22_blank%22%3E%40Markus%20Johansson%3C%2FA%3E%26nbsp%3BGood%20questions%20mate.%20I%20will%20answer%20as%20how%20I%20%3CEM%3Ebelieve%3C%2FEM%3E%20it%20will%20work%20(the%20authors%20can%20perhaps%20add%20more%20details).%3C%2FP%3E%0A%3CP%3E%26nbsp%3B%3C%2FP%3E%0A%3CP%3E1)%20I%20suppose%20the%20built-in%20M365%20security%20features%20processing%20information%20will%20take%20care%20of%20that%2C%20such%20as%20the%20mentioned%20%22spam%20checker%22.%20It%20would%20also%20mean%20that%20the%20affected%20user%20has%20accepted%20that%20conversation%20invite.%20As%20of%20today%2C%20from%20what%20I%20can%20tell%2C%20it%20has%20to%20be%20the%20user%20blocking%20the%20conversation%20from%20the%20chat%20window%20or%20possibly%20the%20%22spam%20checker%22%20taking%20care%20of%20that.%3C%2FP%3E%0A%3CP%3E%26nbsp%3B%3C%2FP%3E%0A%3CP%3E2)%20Nothing%20I've%20heard%20of.%20The%20easiest%20way%20would%20probably%20be%20for%20the%20user%20to%20block%20and%20hide%20that%20chat%20(soon%20also%20delete%20that%20chat).%20You%20could%20use%20a%20retention%20policy%2C%20but%20as%20far%20as%20I%20know%20there's%20no%20way%20of%20targeting%20that%20particular%20consumer%20conversation.%3C%2FP%3E%0A%3CP%3E%26nbsp%3B%3C%2FP%3E%0A%3CP%3E3)%20The%20%22shared%20file%22%20is%20simply%20a%20link%20to%20the%20consumer%20personal%20OneDrive%20so%20if%20your%20subscription%20is%20eligible%20for%20Safe-Links%20you%20have%20the%20real-time%20URL%20scanning%20on%20top%20of%20the%20built-in%20security%20features%20working%20in%20the%20background.%20But%20for%20the%20Teams%20Safe-Link%20feature%20to%20take%20action%20on%20the%20link%20it%20would%20have%20to%20be%20added%20to%20list%20where%20it%20does%20its%20checking.%20If%20a%20user%20would%20go%20and%20download%20that%20shared%20file%20from%20the%20personal%20OneDrive%2C%20such%20as%20%22Download%20a%20copy%22%2C%20you%20probably%20already%20have%20endpoint%20features%20looking%20at%20that%2C%20and%20perhaps%20even%20the%20Safe%20Documents%20feature.%3C%2FP%3E%0A%3CP%3E%26nbsp%3B%3C%2FP%3E%0A%3CP%3E%3CA%20href%3D%22https%3A%2F%2Ftechcommunity.microsoft.com%2Ft5%2Fuser%2Fviewprofilepage%2Fuser-id%2F171795%22%20target%3D%22_blank%22%3E%40Robbert%20Berghuis%3C%2FA%3E%26nbsp%3B%3C%2FP%3E%0A%3CP%3E1)%20I%20haven't%20found%20any%20such%20tools%20or%20views%20for%20admins%20(doesn't%20mean%20it%20doesn't%20exist).%20If%20the%20recipient%20don't%20want%20to%20engage%20they%20don't%20have%20to%20accept%20and%20can%20simply%20block%20the%20external%20account%2C%20before%20or%20after%20the%20user%20selects%20%22preview%20message%22.%3C%2FP%3E%0A%3CP%3E%26nbsp%3B%3C%2FP%3E%0A%3CP%3E2)%20Nothing%20in%20audit%20log%20activities%20from%20what%20I%20can%20tell%2C%20but%20saw%20all%20the%20consumer%20chat%20messages%20using%20content%20search.%20The%20results%20only%20shows%20the%20sender%20and%20the%20message%2C%20nothing%20else.%20Btw%2C%20(a%20lot%20of%20edits%20now%20haha)%20the%20message%20will%20turn%20up%20in%20content%20search%20regardless%20of%20user%20accepting%20or%20not.%3C%2FP%3E%0A%3CP%3E%26nbsp%3B%3C%2FP%3E%0A%3CP%3E%3CA%20href%3D%22https%3A%2F%2Ftechcommunity.microsoft.com%2Ft5%2Fuser%2Fviewprofilepage%2Fuser-id%2F1018579%22%20target%3D%22_blank%22%3E%40Therese_Solimeno%3C%2FA%3E%26nbsp%3B%3C%2FP%3E%0A%3CP%3E%3CA%20href%3D%22https%3A%2F%2Ftechcommunity.microsoft.com%2Ft5%2Fuser%2Fviewprofilepage%2Fuser-id%2F93%22%20target%3D%22_blank%22%3E%40Laurie%20Pottmeyer%3C%2FA%3E%3C%2FP%3E%3C%2FLINGO-BODY%3E%3CLINGO-SUB%20id%3D%22lingo-sub-3073503%22%20slang%3D%22en-US%22%3ERe%3A%20Microsoft%20Teams%20users%20can%20now%20chat%20with%20any%20Teams%20user%20outside%20their%20organization%3C%2FLINGO-SUB%3E%3CLINGO-BODY%20id%3D%22lingo-body-3073503%22%20slang%3D%22en-US%22%3E%3CP%3E%3CA%20href%3D%22https%3A%2F%2Ftechcommunity.microsoft.com%2Ft5%2Fuser%2Fviewprofilepage%2Fuser-id%2F184384%22%20target%3D%22_blank%22%3E%40Noga%20Ronen%3C%2FA%3E%26nbsp%3B%3CBR%20%2F%3EFrom%20a%20security%20perspective.%3CBR%20%2F%3E-%201.%20Is%20there%20any%20throttling%20mechanism%20in%20how%20many%20messages%20one%20external%20user%20can%20send%20to%20our%20tenant%20before%20that%20user%20is%20being%20blocked%3F%3C%2FP%3E%3CP%3E-%202.%20If%20for%20some%20reason%20a%20message%20or%20messages%20are%20getting%20through%2C%20how%20can%20IT%20admins%20bulk%20delete%20those%20messages%20if%20they%20need%20to%3F%3CBR%20%2F%3E-%203.%20If%20a%20external%20user%20share%20a%20file%2C%20is%20that%20file%20also%20checked%20for%20malicious%20content%20before%20it's%20being%20delivered%20to%20the%20Teams%20work%2Fschool%20user%3F%3C%2FP%3E%3CP%3E%26nbsp%3B%3C%2FP%3E%3CP%3E%26nbsp%3B%3C%2FP%3E%3C%2FLINGO-BODY%3E%3CLINGO-SUB%20id%3D%22lingo-sub-3094305%22%20slang%3D%22en-US%22%3ERe%3A%20Microsoft%20Teams%20users%20can%20now%20chat%20with%20any%20Teams%20user%20outside%20their%20organization%3C%2FLINGO-SUB%3E%3CLINGO-BODY%20id%3D%22lingo-body-3094305%22%20slang%3D%22en-US%22%3E%3CP%3E%3CA%20href%3D%22https%3A%2F%2Ftechcommunity.microsoft.com%2Ft5%2Fuser%2Fviewprofilepage%2Fuser-id%2F454172%22%20target%3D%22_blank%22%3E%40ITEric%3C%2FA%3E%26nbsp%3B%22security%20lasagna%22%20-%20hahaha.%20That's%20a%20good%20one%2C%20first%20time%20I%20hear%20it.%3C%2FP%3E%3CP%3E%26nbsp%3B%3C%2FP%3E%3CP%3EYeah%2C%20totally%2C%20we%20have%20to%20put%20as%20many%20security%20measures%20in%20place%20as%20we%20can%2C%20that's%20why%20I'm%20not%20crazy%20about%20this.%26nbsp%3B%3C%2FP%3E%3CP%3E%26nbsp%3B%3C%2FP%3E%3CP%3EWe%20just%20now%20implemented%20MFA.%20A%20little%20late%2C%20yes.%20I%20fail%20to%20see%20how%20MFA%20could%20stop%20any%20misuse%20of%20this%20new%20Teams%20feature%2C%20though.%26nbsp%3B%3C%2FP%3E%3CP%3E%26nbsp%3B%3C%2FP%3E%3CP%3EI'm%20also%20troubleshooting%20with%20my%20provider%2C%20Okta%2C%20the%20fact%20that%20MFA%20does%20not%20work%20at%20all%20for%20desktop%20Microsoft%20applications%2C%20but%20that's%20a%20matter%20for%20a%20different%20conversation.%26nbsp%3B%3C%2FP%3E%3CP%3E%26nbsp%3B%3C%2FP%3E%3CP%3EAbout%20spoofing%20a%20MFA%20portal%20-%20except%20for%20desktop%20apps%2C%20if%20my%20users%20go%20web-based%20they%20(we)%20need%20to%20accept%20the%20authenticator%20challenge.%20I%20see%20that%20as%20pretty%20bullet%20proof.%20Hopefully...%3C%2FP%3E%3CP%3E%26nbsp%3B%3C%2FP%3E%3CP%3E%3CSPAN%3EI%20am%20not%20leveraging%20Azure%20AD%20at%20all.%20I%20should%2C%20I%20guess.%20%3C%2FSPAN%3E%3C%2FP%3E%3CP%3E%26nbsp%3B%3C%2FP%3E%3CP%3E%3CSPAN%3ERemember%20the%20times%20when%20everyone%20was%20in%20the%20office%20and%20all%20traffic%20would%20go%20through%20a%20solid%20firewall%3F%20Those%20were%20the%20times.%20Ha.%3C%2FSPAN%3E%3C%2FP%3E%3CP%3E%26nbsp%3B%3C%2FP%3E%3CP%3E%3CSPAN%3ENice%20talking%20with%20you%20too!%3C%2FSPAN%3E%3C%2FP%3E%3C%2FLINGO-BODY%3E%3CLINGO-SUB%20id%3D%22lingo-sub-3095678%22%20slang%3D%22en-US%22%3ERe%3A%20Microsoft%20Teams%20users%20can%20now%20chat%20with%20any%20Teams%20user%20outside%20their%20organization%3C%2FLINGO-SUB%3E%3CLINGO-BODY%20id%3D%22lingo-body-3095678%22%20slang%3D%22en-US%22%3E%3CP%3E%3CA%20href%3D%22https%3A%2F%2Ftechcommunity.microsoft.com%2Ft5%2Fuser%2Fviewprofilepage%2Fuser-id%2F1021071%22%20target%3D%22_blank%22%3E%40TheITDude1%3C%2FA%3E%2C%3C%2FP%3E%3CP%3E%26nbsp%3B%3C%2FP%3E%3CP%3EI%20see%20the%20biggest%20vector%20for%20attack%20from%20this%20to%20be%20a%20attacker%20pretending%20to%20me%20a%20IT%20staffer%20and%20asking%20for%20credentials.%20MFA%20makes%20those%20creds%20useless%20(mostly).%20I%20would%20also%20recommend%20as%20part%20of%20the%20lasagna%20to%20make%20sure%20you%20disable%20the%20ability%20for%20external%20people%20to%20remote%20control%20internal%20users%20via%20teams.%26nbsp%3B%3C%2FP%3E%3CP%3E%26nbsp%3B%3C%2FP%3E%3CP%3EOn%20the%20MFA%20thing%2C%20it%20has%20been%20done%20in%20targeted%20attacks%2C%20a%20portal%20that%20looks%20like%20Azure%20AD%20or%20Okta%20(or%20other%20SSO%20provider)%20so%20that%20the%20user%20goes%20there%2C%20gets%20prompted%2C%20the%20answer%20is%20then%20provided%20to%20the%20attacker%20who%20then%20goes%20to%20the%20real%20logon%20portal%20with%20the%20OTP.%26nbsp%3B%26nbsp%3B%3C%2FP%3E%3CP%3E%26nbsp%3B%3C%2FP%3E%3CP%3EAs%20a%20side%20note%2C%20we%20don't%20use%203rd%20party%20SSO%2C%20we%20are%20pure%20Azure%20AD%20and%20loving%20it.%20From%20Azure%20AD%20Proxy%20for%20internal%20apps%2C%20to%20SAML%20SSO%20agreements%20for%20external.%20That%20plus%20the%20protections%20of%20Azure%20AD%20Security%20AI%20for%20risky%20sign%20ins.%20If%20your%20struggling%20with%20Okta%20for%20some%20on-prem%20web%20apps%2C%20check%20out%20Azure%20AD%20proxy.%3C%2FP%3E%3C%2FLINGO-BODY%3E
Jan 27 2022 01:49 PM
- Microsoft Teams 429
Share
Recommend
-
8
Chat Bubbles are coming to Microsoft Teams client for WindowsMicrosoft Teams is getting another new feature in June 2021, which will be known as "Chat Bubbles". According to the Microsoft 365 Roadmap (Feature ID: 65948...
-
9
Introducing Chat from Microsoft Teams on Windows 11, for your personal accounts Introducing Chat from Microsoft Teams on Windows 11, for your personal account...
-
10
On Our Way to Longevity—Why We Introduced Sabbaticals to Monterail's Organizational Culture Bartosz Rega February 21, 2022
-
5
Russia Has Banned Facebook And Instagram After Labeling Meta's Activities “Extremist"Individuals won’t be held liable for using the two social media networks, but paying for ads can be regarded as financing an “extremist” g...
-
7
-
9
Sponsored Navigating the data quality conundrum: How to ensure your data meets organizational needs
-
4
AWS shows how to attract more Latinos to work in tech – and why your organization should do the same By Madeline Bennett
-
5
FinancialForce talks up the need for joined-up processes in services organizations By Phil Wainewright
-
12
AI technology for safer integrated analysis of data held by multiple organizations by
-
8
Decoding the Buzzwords: The Difference Between Change Management and Organizational Development.
About Joyk
Aggregate valuable and interesting links.
Joyk means Joy of geeK