Microsoft Teams: Presenter joins Townhalls via dial-in

🚨 The Signal: Teams Townhalls now allow presenters to join via PSTN dial-in using a shared code. This introduces an alternative access method for presenters, potentially expanding the attack surface if codes are mishandled.

The Impact

Organizers and presenters are affected, with a moderate security risk if PSTN codes are not securely managed.

• Organizers: Risk of inadvertently sharing PSTN codes with unauthorized individuals.
• Presenters: Risk of unauthorized access if their PSTN code is compromised.
• Security Teams: Need to monitor for unusual dial-in activity to Townhalls.
• Compliance Teams: New access method requires review against existing communication security policies.

The Action

1. Review existing communication security policies for Townhalls to include PSTN dial-in access.
2. Educate Townhall organizers on secure handling and distribution of PSTN presenter codes.
3. Monitor Microsoft Teams audit logs for unusual presenter join activities, especially via PSTN.
4. Consider implementing conditional access policies for Teams Townhall access where applicable, though PSTN may bypass some controls.

Domain: Teams · Impact: medium · Workload: Teams