External access for Microsoft Teams was a highly-desired feature released in September 2017. This tool, now available to all Office 365 Education and Commercial customers, allows the collaboration platform to compete with similar tools like HipChat and Slack, by ensuring that users can connect with clients, customers, and contractors outside of the Teams network.
With guest access, Office 365 users can connect with people outside of their company in a team, ensuring that third-party users have access to document collaboration, chats, and meetings. Since collaboration often goes beyond the internal business to include shareholders, suppliers, and other external figures, this feature can be crucial to running a successful business. The problem is that external users can come with additional security concerns.
How to Offer Guest Access to Microsoft Teams
Before CIOs can deliver guest access to users outside of Microsoft Teams, they’ll need to turn on the “Guest” license or user type with their Azure AD administrator. Microsoft explains the process of enabling the guest feature in a video:
Once you have enabled guest access, adding people outside of your organisation to your meetings and chats is simple:
- Start by opening Microsoft Teams
- Right-click on the team you want to add a guest to
- Click on the “add members” option on the context menu, which opens another screen;
- Enter the email address of the individual you want to bring on board
Teams should recognise the address as being outside of your typical network and add the person as a guest.
You can click “add” in the window that pops up when you enter a guest’s email address, and they’ll receive an invite allowing them to access and activate a guest account. Once they’re onboard, guests typically have all the same capabilities you’d expect for an average member. This means that they can collaborate on documents, engage in chat, and join meetings too.
Securing Guest Access for Microsoft Teams
While guest access can be a powerful tool for CIOs, it also comes with a selection of unique issues to worry about. External access is complicated, as it allows people who you don’t know, or necessarily trust to partake in meeting experiences. With this in mind, Microsoft announced that all guest access accounts can be managed through the Azure Active Directory. This means that CIOs can tap into features like “conditional access” policies for external users.
Additionally, disruptive features in the Microsoft Teams network like machine learning algorithms, are being designed to help detect suspicious behaviour and anomalies that might indicate poor security behaviour initiated by Teams guests.
When it comes to accessing more security with Microsoft Teams, the more control a user has, the better. Currently, CIOs can click on a team name and analyse the users within that team. With the “Guest permissions” feature on the settings tab, admins can decide whether guests should be allowed to update, create, or remove their own channels.
