(Updated) Context preservation in Microsoft Teams

🚨 The Signal: Microsoft Teams will now preserve user context (chat, channel, view state) for 30 minutes after leaving. This default behavior could expose sensitive information if a device is left unattended, increasing data spill risk.

The Impact

All Teams users are affected by a minor increase in data exposure risk if devices are left unlocked and unattended.

• End Users: Increased risk of sensitive data exposure if devices are left unattended.
• Security Team: Potential for information spillage if devices are not secured promptly.
• Admins: Need to reinforce policies on securing workstations when not in use.

The Action

1. Review and reinforce existing policies on securing workstations and devices when unattended.
2. Communicate to users the importance of locking their screens when stepping away from their devices.
3. Consider implementing or strengthening idle timeout policies for devices accessing sensitive data.

Domain: Teams · Impact: medium · Workload: Teams