Ensure 'external access' is restricted in the Teams admin center
Why This Matters
External access in Teams allows unmanaged users to communicate with your organization’s users, which can expose your network to security threats. Attackers have exploited these channels to deliver malware (such as DarkGate), conduct social engineering campaigns, and enumerate usernames. Restricting this access reduces the risk of data loss, phishing, and other attacks originating from external Teams or Skype users.
What Aether365 Checks
This check verifies that external access is disabled for unmanaged Teams and Skype users in the Microsoft Teams admin center. In the Aether365 dashboard, this appears under microsoft-365 checks as M365.2169.
How to Fix
To restrict external access for unmanaged users in Teams, follow these steps: