"The new policy in the Teams Admin Center, Manage external bots and their access to meetings, can be assigned to individual users or specific groups," Microsoft said on Monday.
Microsoft's new Teams admin policy
Microsoft has rolled out a policy in the Teams Admin Center that lets organizations stop third‑party bots from joining meetings without explicit approval. The capability was first listed in a March Microsoft 365 roadmap entry and is described as available across Windows, macOS, Android, and iOS for worldwide standard multi‑tenant and GCC cloud environments. The policy is intended to give admins more control and visibility over external bots in meetings.
How detection, lobbies, and approval will work
When the policy is enabled, Teams will automatically detect potential bots, place them in the meeting lobby, clearly identify them, and prompt organizers to confirm admission. Microsoft says that even in meetings where organizers allow participants to bypass the lobby, bots identified through this policy will still require approval before joining. The protections are designed to block malicious apps controlled by threat actors as well as legitimate third‑party bots (used for note‑taking, transcription, or other automated tasks) unless an organizer explicitly admits them.
Planned admin controls and timeline
Microsoft signaled additional controls are coming: allow lists for approved bots, policies to block external bots entirely, admin reports and audit logs on detection and presence of bots, and more granular controls aligned to different security requirements. Separately, the company said that starting in December, administrators will be able to block external Teams users via the Defender portal to reduce the risk of social‑engineering abuse by cybercrime gangs — including ransomware groups — that have used Teams collaboration to target employees.
Related Teams security features announced earlier this year
The bot‑control policy joins a series of Teams security updates Microsoft has announced over recent months. In January, Teams added new fraud‑protection features for calls that warn users about external callers impersonating trusted organizations in social‑engineering attacks. That same month Microsoft said Teams would receive a call reporting feature by mid‑March, enabling users to flag unwanted or suspicious calls as potential phishing or scam attempts. In April, Microsoft warned attackers are increasingly abusing external Teams collaboration for access and lateral movement on enterprise networks, impersonating IT or helpdesk staff to contact employees via cross‑tenant chats and trick them into granting remote access to steal data.
What this means for technologists, affected enterprises, and security teams
- Technologists and security teams: Expect to test and tune the new detection behavior — bots will be forced into lobbies and require organizer consent — and plan for the arrival of audit logs and admin reports to validate detection and policy effectiveness.
- Affected enterprises and procurement leaders: The upcoming allow‑list and block policies will create procurement and governance decisions about which third‑party bot vendors to approve and how to manage automation that performs note‑taking, transcription, or other tasks inside meetings.
- Security operations and defenders: Microsoft's broader timeline, including the Defender portal block starting in December, intersects with a persistent detection problem. A Picus whitepaper cited in this coverage reports that security teams log 54% of successful attacks and alert on just 14%, leaving the remainder to move through environments unseen; that gap underscores why administrative controls and auditability are being added to collaboration tooling.
Microsoft’s staged approach layers detection and administrative guardrails onto Teams meetings: immediate lobby‑and‑approval controls for suspected bots, promised allow‑lists and reporting for governance, and Defender portal blocks to restrict external users. The move acknowledges two realities stated by Microsoft itself — legitimate automation is widely used inside meetings, and attackers are increasingly abusing collaboration channels — and places the burden on administrators to decide which automated participants should be trusted.