Teams Standards
Low Impact
Disallow emails to be sent to channel email addresses
Teams channel email addresses are an optional feature that allows users to email the Teams channel directly.
"CIS 3.0"
Set-CsTeamsClientConfiguration -AllowEmailIntoChannel $false
TeamsEmailIntegration
Define approved cloud storage services for external file sharing in Teams
Ensure external file sharing in Teams is enabled for only approved cloud storage services.
"CIS 3.0"
Set-CsTeamsClientConfiguration -AllowGoogleDrive $false -AllowShareFile $false -AllowBox $false -AllowDropBox $false -AllowEgnyte $false
TeamsExternalFileSharing
Define Global Meeting Policy for Teams
Defines the CIS recommended global meeting policy for Teams. This includes AllowAnonymousUsersToJoinMeeting, AllowAnonymousUsersToStartMeeting, AutoAdmittedUsers, AllowPSTNUsersToBypassLobby, MeetingChatEnabledType, DesignatedPresenterRoleMode, AllowExternalParticipantGiveRequestControl
"CIS 3.0"
Set-CsTeamsMeetingPolicy -AllowAnonymousUsersToJoinMeeting $false -AllowAnonymousUsersToStartMeeting $false -AutoAdmittedUsers EveryoneInCompanyExcludingGuests -AllowPSTNUsersToBypassLobby $false -MeetingChatEnabledType EnabledExceptAnonymous -DesignatedPresenterRoleMode $DesignatedPresenterRoleMode -AllowExternalParticipantGiveRequestControl $false
TeamsGlobalMeetingPolicy
Medium Impact
External Access Settings for Microsoft Teams
Sets the properties of the Global external access policy. External access policies determine whether or not your users can: 1) communicate with users who have Session Initiation Protocol (SIP) accounts with a federated organization; 2) communicate with users who are using custom applications built with Azure Communication Services; 3) access Skype for Business Server over the Internet, without having to log on to your internal network; 4) communicate with users who have SIP accounts with a public instant messaging (IM) provider such as Skype; and, 5) communicate with people who are using Teams with an account that's not managed by an organization.
Set-CsExternalAccessPolicy
TeamsExternalAccessPolicy
Federation Configuration for Microsoft Teams
Sets the properties of the Global federation configuration. Federation configuration settings determine whether or not your users can communicate with users who have SIP accounts with a federated organization.
Set-CsTenantFederationConfiguration
TeamsFederationConfiguration
Last updated