Microsoft Teams: Microsoft 365 admin centers – Manage Teams apps that work on Outlook and Microsoft 365 App

🚨 The Signal: Microsoft 365 and Teams admin centers now unify management of Teams apps across Teams, Outlook, and Microsoft 365 App. This streamlines app governance but requires vigilance to prevent unintended access or data exposure.

The Impact

Admins are affected by unified app management, creating a risk of broader app access if not properly configured.

• Security Teams: Risk of unintended app access across multiple clients if policies are not reviewed.
• Admins: Simplified app management but increased responsibility for unified policy enforcement.
• End Users: Potential for new app availability in Outlook or M365 App based on Teams policies.

The Action

1. Review existing Teams app policies in the Teams admin center (admin.teams.microsoft.com).
2. Review existing Integrated Apps policies in the Microsoft 365 admin center (admin.microsoft.com > Settings > Org settings > Integrated apps).
3. Consolidate and align app access policies to ensure consistent security posture across Teams, Outlook, and Microsoft 365 App.
4. Implement least privilege principles for app assignments and permissions.
5. Communicate changes to relevant stakeholders, including security and compliance teams.

Domain: Teams · Impact: medium · Workload: Teams · Essential Eight: Application Control · ISM: ISM-0843, ISM-1490, ISM-1544, ISM-1582, ISM-1656, ISM-1657, ISM-1658, ISM-1659, ISM-1660, ISM-1870, ISM-1871