Modern Workplace Help

Intune, Azure, Cloud Computing and more…

New Microsoft Teams Chat Feature: Risks and How to Disable It

Microsoft is introducing a new capability in Microsoft Teams that allows users to start a chat with anyone with an email address—even if they’re not currently using Teams. The recipient will receive an email invitation to join the chat session as a guest.

As an IT admin this might raise some concerns and questions for your organisation. For example, how does this work? Is it safe? How can I disable it?

I will answer this and more questions below.

1.How does the new functionality work?

This is an extension of the Entra B2B collaboration and in practise, when you go you messages and try messaging someone without Teams after entering their email address, an email will be sent to them.

2.What are the benefits vs the risks?

As the 365 Message Center Show guys described on this YouTube video, it is very hard to coordinate chatting with someone who does not use Team. You will send them a chat request which they will then see in a few hours, if not more if they in a different time zone and they will then reply at a time when you might not be only. Let alone phishing attempts from people using non-legitimate email addresses and also expanding the attack surface on your tenant.

3.OK, you’ve convinced me, how do I turn this off? And how do I know if it’s already on?

First of all, caveat, the normal chat functionality will still work for people that are using Teams so no need to worry about that. The script below will help you disable this functionality and in step 4 you can check if it’s already on on your org.


# Step 1: Install Microsoft Teams PowerShell Module (if not already installed)
Install-Module -Name MicrosoftTeams -Force -AllowClobber

# Step 2: Import the module
Import-Module MicrosoftTeams

# Step 3: Connect to Microsoft Teams
Connect-MicrosoftTeams

# Step 4: Check existing Teams Messaging Policies and their current setting
Get-CsTeamsMessagingPolicy | Select-Object Identity, UseB2BInvitesToAddExternalUsers

# Step 5: Disable UseB2BInvitesToAddExternalUsers for the Global policy
Set-CsTeamsMessagingPolicy -Identity "Global" -UseB2BInvitesToAddExternalUsers $false

# Step 6: Verify the change
Get-CsTeamsMessagingPolicy -Identity "Global" | Select-Object Identity, UseB2BInvitesToAddExternalUsers
, , , ,
nabilnahdi's avatar

Posted by:

nabilnahdi

Leave a comment

This site uses Akismet to reduce spam. Learn how your comment data is processed.