Ensure external participants can't give or request control
Why This Matters
External participants, including guests and anonymous users, who can give or request control during a Teams meeting pose a security risk by potentially presenting inappropriate or malicious content. By restricting this capability, you ensure only authorized users can manage the meeting's presentation flow, reducing the attack surface for data exposure or social engineering attacks. Administrators should prioritize this check to enforce least privilege principles in their collaboration environment.
What Aether365 Checks
Aether365 verifies that the Microsoft Teams meeting policy "External participants can give or request control" is set to Off for the Global (Org-wide default) policy. This check appears in the Aether365 dashboard under microsoft-365 checks and helps you align with the CIS Microsoft 365 Foundations Benchmark.
How to Fix
To remediate this issue, follow these steps in the Microsoft Teams admin center: