Microsoft Teams: Forwarded Messages Links

🚨 The Signal: Teams messages forwarded now include a link to the original conversation. This enhances context but could inadvertently expose sensitive discussions if recipients are not carefully considered, impacting data loss prevention.

The Impact

All Teams users are affected; the risk is unintended information disclosure if forwarded to unauthorised individuals.

• End-users: Risk of accidental oversharing of sensitive information via direct links.
• Security Teams: Increased challenge in monitoring and preventing data leakage within Teams.
• Compliance Officers: Potential for non-compliance with data handling policies due to easier link sharing.

The Action

1. Review and reinforce existing Microsoft Teams data loss prevention (DLP) policies to detect and prevent sharing of sensitive content via forwarded messages.
2. Educate users on the implications of forwarding messages with original conversation links, emphasising data sensitivity and 'need-to-know' principles.
3. Monitor Microsoft Purview audit logs for unusual sharing patterns involving Teams messages and links.
4. Consider implementing sensitivity labels for Teams conversations containing highly sensitive data to restrict forwarding or external sharing.

Domain: Teams · Impact: medium · Workload: Teams