Microsoft Teams: Ability for meeting participants to edit their display name

🚨 The Signal: Teams meeting participants can now edit their display name during a meeting, overriding their tenant-set name. This introduces a potential for identity spoofing and makes auditing harder.

The Impact

All Teams users are affected, increasing the risk of identity spoofing and making incident response more complex.

• Security Teams: Increased difficulty in identifying malicious actors in meetings.
• Incident Responders: Challenges in tracing user actions due to mutable display names.
• Compliance Officers: Potential non-compliance with identity verification requirements.
• End Users: Risk of impersonation by other meeting participants.

The Action

1. Review existing Teams meeting policies for guest access and external collaboration.
2. Communicate to users about the potential for display name changes and the importance of verifying participant identities.
3. Consider implementing stricter meeting lobby controls for sensitive meetings.
4. Educate security teams on new methods for identifying users in Teams audit logs.

Domain: Teams · Impact: medium · Workload: Teams