Connect Teams meeting to existing Planner Plans

🚨 The Signal: Teams meetings can now link to existing Planner plans, consolidating tasks. This centralises task management, but also centralises potential data exposure if not properly governed.

The Impact

All users creating or participating in Teams meetings are affected, with a security risk related to consolidated data exposure in Planner.

• End users: Risk of inadvertently exposing meeting tasks to a broader audience if linked Planner plan permissions are too permissive.
• Security teams: Increased complexity in auditing and managing task data access across consolidated Planner plans.
• Admins: Need to review and potentially adjust Planner plan sharing policies to prevent unintended data exposure.
• Organisations: Potential for non-compliant data sharing if sensitive meeting tasks are linked to inadequately secured Planner plans.

The Action

1. Review existing Microsoft Planner sharing policies and permissions for sensitivity and scope.
2. Communicate best practices to users regarding linking sensitive meeting tasks to appropriate Planner plans.
3. Monitor Planner activity logs for unusual sharing or access patterns, especially for plans linked to Teams meetings.
4. Consider implementing Microsoft Purview Information Protection labels for Planner plans containing sensitive data.

Domain: Teams · Impact: medium · Workload: Teams