Microsoft Teams, Microsoft 365 Experts
From Microsoft Corporation
Technical Bulletin MC392295 · Published Jun 14, 2022
Message Summary
Financial institutions consider chat messages as a form of data exfiltration, so it’s imperative for IT admins to gain flexibility and control over chat access for anonymous or unauthenticated users. The latter may be expected to join Teams meetings, but they should be restricted from seeing and accessing any type of electronic communication on chat. This feature provides additional security by only disabling chat write access for non-federated users and unauthenticated users who join Teams meetings through a link, so it must be used in conjunction with disabled meeting chat policy applied to financial advisors to remain compliant.
This message is associated with Microsoft 365 Roadmap ID 91142
When this will happen:
- Standard: early June through mid-July
- GCC: late July through mid-August
- GCC High: late August through early September
- DoD: mid-September through late September
How this affects your organization:
With this change IT admins can now disable chat write access at the policy level for non-federated users and unauthenticated users who join Teams meetings through a link.
What you can do to prepare:
There are two ways IT admins can disable chat write access for non-federated users and unauthenticated users who join Teams meetings through a link:
- PowerShell: Admins can run the syntax -MeetingChatEnabledType <String> with current supported values Enabled, Disabled, or EnabledExceptAnonymous.
- Teams Admin Portal: Admins can select the option, “Turn it on for everyone but anonymous users” in the “Chat in meetings” dropdown and apply this meeting policy to a subset or all tenant users.
Note: the scope of EnabledExceptAnonymous or “Turn it on for everyone but anonymous users” is limited to disabled write access. Once this meeting chat policy is applied to user/s, an organizer cannot override this policy through meeting options.