Microsoft Teams Getting a Security Boost

Latest Posts
Education

Microsoft Teams Getting a Security Boost

by Mike Puglia

2 min read

Microsoft Teams, with its over 350 million active monthly users, recently announced several new security features which begin rolling out in September. Due to its widespread business adoption, Teams has become a prime target for threat actors and ransomware groups like Midnight Blizzard, Black Basta, and Storm-2603. These security enhancements aim to help organizations better safeguard their users and we’ve highlighted some of the key features below:

Teams Blocking Weaponizable File Types

Microsoft Roadmap Link: https://www.microsoft.com/en-us/microsoft-365/roadmap?id=499892

Description: Microsoft Teams now blocks messages containing weaponizable file types, such as executables, in chats and channels, increasing protection against malware and other file-based attacks.

Temas Malicious URL Warning

Microsoft Roadmap Link: https://www.microsoft.com/en-us/microsoft-365/roadmap?id=499893

Description:  Microsoft Teams can now detect and warn users on malicious URLs sent in Teams chat and channels, increasing protection against malware attacks.

Prevent Screen Capture

Microsoft Roadmap Link: https://www.microsoft.com/en-us/microsoft-365/roadmap?id=490561

Description: To address the issue of unauthorized screen captures during meetings, the Prevent Screen Capture feature ensures that if a user attempts to take a screen capture, the meeting window will turn black, thereby protecting sensitive information. This feature will be available on Teams desktop applications (both Windows and Mac) and Teams mobile applications (both iOS and Android). For users joining from unsupported platforms, they will be placed in audio-only mode to maintain the integrity of the meeting’s content.

Kaseya Labs Commentary: This is more of a privacy feature, and certainly when sharing sensitive data in a meeting there is always the concern that an attendee may record it.  While this adds extra steps for someone motivated to record the confirmation, the attendee could certainly just use their phone pointed at the screen.  Additionally, if it is a “public” meeting with attendees not joining from a Teams application (i.e. over the web), it will block all video.  This feature is a good step forward to prevent a casual attendee recording for non-malicious purposes, but users should understand it is not comprehensive protection and will shut out web users (it goes without saying, but if you are in a public meeting, users should assume its all being recorded).

Mike Puglia

General Manager, Security Products

Mike Puglia brings over 25 years of technology, strategy, and cybersecurity experience to his role as Kaseya’s General Manager of Security Products. He is responsible for all products across Kaseya’s portfolio of security solutions.

Prior to joining Kaseya, Mike led the technical program management integration of real-time collaboration technologies into Salesforce’s Chatter Social Enterprise platform. Earlier in his career, Mike served in technical and product roles at applications security company Veracode, database security company Lumigent Technologies and network security Bluesocket.

Mike holds a Bachelor of Science in Electrical Engineering from the University of New Hampshire and an MBA from the Carroll Graduate School of Management at Boston College.