Microsoft Teams: App ratings in in-context surfaces.

🚨 The Signal: Users can now view app ratings within the Microsoft Teams in-context app store. This increases visibility into app quality and potential risks, influencing user adoption of third-party applications.

The Impact

End users are affected by increased transparency, which could lead to them installing more apps, potentially increasing the attack surface if not properly governed.

• End users: May install more apps due to perceived trustworthiness from ratings, increasing exposure.
• Security Team: Increased app installations could expand the attack surface, requiring more vigilance.
• Admins: Need to reinforce existing app governance policies to manage potential increase in app usage.

The Action

1. Review and reinforce existing Microsoft Teams app governance policies in the Teams admin center.
2. Communicate to users the importance of only installing approved applications, regardless of ratings.
3. Monitor Microsoft Teams app usage reports for unapproved or high-risk applications.
4. Consider implementing or refining app permission policies for third-party apps in Teams.

Domain: Teams · Impact: low · Workload: Teams