Restricting Third-Party Calls on Teams: Best Practices and Prevention Strategies

Question

How can I restrict third parties from calling users on Teams? Recently, we encountered an incident where an unknown third party started calling one of our users on Teams. What are the best practices to avoid or prevent such incidents from happening in the future?

Answer 1

@Someiah C S

To prevent unknown third parties from calling users on Microsoft Teams, you can implement a few strategies and best practices:

1. Adjust External Access Settings:

• Go to the Microsoft Teams admin center.
• Navigate to "Org-wide settings" and then to "External access."
• Toggle off the options that allow users in your organization to communicate with users outside your organization. This will prevent any external users from making contact unless they are specifically allowed.

2. Configure Teams and Channels:

• Ensure that teams and channels are private. Only members of the team should be able to join calls or meetings.
• Review the members of each team and channel to ensure that no unknown third parties have been added.

3. Manage Guest Access:

• In the Teams admin center, go to "Org-wide settings" and then to "Guest access."
• Review and manage the permissions for guest users carefully. You can restrict what guests can do, such as making private calls.

4. Use Conditional Access Policies：

• Implement Conditional Access policies through Azure Active Directory to control how and when users can access Teams. These policies can help enforce strong authentication and limit access based on location, device, and more.

---

If the answer is helpful, please click "Accept Answer" and kindly upvote it. If you have extra questions about this answer, please click "Comment".

Note: Please follow the steps in our documentation to enable e-mail notifications if you want to receive the related email notification for this thread.

---