Microsoft Teams: Browser support on Teams Rooms on Windows touch boards

🚨 The Signal: Microsoft Teams Rooms on Windows touch boards now include a private browsing mode with Microsoft Edge. This introduces new attack surfaces and requires IT administrators to manage browsing policies to maintain security posture.

The Impact

All organizations using Teams Rooms on Windows are affected, facing increased risk from unmanaged web access on shared devices.

• Security Teams: Risk of unmanaged web access and potential malware on shared devices.
• IT Administrators: New configuration requirements for secure browsing policies on Teams Rooms.
• End Users: Potential for insecure browsing if policies are not properly enforced.
• Compliance Officers: Need to verify adherence to secure browsing and device hardening policies.

The Action

1. Review and configure Microsoft Edge browsing policies for Teams Rooms devices in Microsoft Intune or Group Policy.
2. Implement content filtering and web protection policies to restrict access to malicious or unauthorized websites.
3. Educate users on appropriate use of web browsing on shared Teams Rooms devices.
4. Regularly audit browsing activity and device configurations on Teams Rooms.

Domain: Intune · Impact: high · Workload: Teams · Essential Eight: User Application Hardening · ISM: ISM-1412, ISM-1485, ISM-1486, ISM-1542, ISM-1585, ISM-1667, ISM-1668, ISM-1669, ISM-1670, ISM-1823, ISM-1824, ISM-1859, ISM-1860