Microsoft Teams: Governance for built-in agents in the Teams admin center

🚨 The Signal: Microsoft Teams is centralizing governance for built-in AI agents like Copilot in a new admin center location. This provides granular control over agent access and settings, improving enterprise AI security posture by separating them from traditional apps.

The Impact

Microsoft 365 tenant admins are affected, gaining enhanced security controls over built-in AI agents, reducing the risk of unauthorized AI agent use.

• Tenant admins: New dedicated portal for AI agent management.
• Security teams: Improved control over AI agent access and configuration.
• Compliance officers: Better auditability of AI agent deployments.
• Users: Potential changes to AI agent availability based on new policies.

The Action

1. Review existing Teams app governance policies for built-in agents.
2. Familiarize with the new 'Teams admin center > Teams apps > Built-in Teams agents' interface.
3. Define and apply granular access policies for built-in agents (e.g., Channel Agent, Copilot Agent) to specific users/groups.
4. Configure agent-specific settings as required by organizational security policies.
5. Communicate changes in AI agent availability or functionality to end-users.

Domain: Agentic-AI · Impact: high · Workload: Teams · Essential Eight: Restrict Administrative Privileges, Application Control · ISM: ISM-0445, ISM-0843, ISM-1175, ISM-1380, ISM-1490, ISM-1507, ISM-1508, ISM-1509, ISM-1544, ISM-1582, ISM-1647, ISM-1648, ISM-1650, ISM-1656, ISM-1657, ISM-1658, ISM-1659, ISM-1660, ISM-1686, ISM-1688, ISM-1689, ISM-1870, ISM-1871, ISM-1883, ISM-1897, ISM-1898