Microsoft Teams integration with Microsoft Defender for Office Tenant/Allow Block List for domains

🚨 The Signal: Microsoft Teams now integrates with Defender for Office 365 Tenant Allow/Block List. This allows security teams to block specific domains for Teams communications, enhancing control over external interactions and reducing phishing risks.

The Impact

Security teams and Teams administrators are affected, gaining a new control to mitigate risks from malicious external domains.

• Security teams: New control to block risky domains in Teams.
• Teams administrators: Configuration required to implement domain blocks.
• Users: Reduced exposure to unwanted or malicious external Teams communications.
• Compliance officers: Improved ability to meet external communication security requirements.

The Action

1. Navigate to Microsoft Defender portal > Policies & rules > Tenant Allow/Block Lists.
2. Select 'Domains' tab and click 'Add'.
3. Enter the domain(s) to block for Microsoft Teams.
4. Specify 'Block' entry type and select 'Microsoft Teams' as the workload.
5. Review and confirm the new block entry.

Domain: Defender · Impact: high · Workload: Microsoft Defender