Microsoft Tech Community Resource Center
Q: How does Microsoft Teams security work when dealing with users outside the org (either in a B2B scenario or a worse case a B2C scenario)?A: Teams’ built-in security features apply to all users whether employees, B2B partners, or even clients that may be collaborating in the same Teams site. For example, the Conditional Access policy we demo-ed showing multi-factor authentication being required to access an app could be applied to all users, or specified to apply to just external guest users. Watch the full episode online at: : We found applying app protections policies for iOS & Android simple but applying them to Windows required Windows Information Protection and became very challenging to configure and doesn't seem to even work properly for all apps. We have only been able to utilize Cloud app security to enable browser access but it isn't the best experience as users cannot use desktop apps on Windows, for example you cannot use live events on Teams as it only supports the desktop app on Windows.A: This is a known challenge and developing a better solution is on our engineering roadmap. Watch the full episode online at: : As an admin, if one allows external sharing in Microsoft Teams, SharePoint and OneDrive how secure is that really? How can we ensure that allowing access via email address does not allow those invited users to allow someone else to use the link they are sent? Do we need to only add users as guest users to control this?A: Once external users receive the email with a link to redeem their invitation to collaborate, they will still be sent to the corresponding identity provider to sign in. Admins can also query for users who have not redeemed their invitation within a set time and delete them, if desired. If this concern is around email one-time passcode, the one-time passcodes generated are only valid for a set period of time (see docs: ). Note that inviting a guest through B2B collaboration already adds the user to Azure Active Directory as a Guest user type (). Watch the full episode online at: : Where can we find more information regarding Licensing and other configuration info?A: . Watch the full episode online at: : What would be the better/preferred/recommended model for user accounts for Administrators: having separated accounts for "a regular user" and an additional Admin Account (with PIM) or? having a "regular user account" only and then elevate in PIM for Admin tasks?A: It is always best to have 2 accounts. One that you use as a user and a separate one as an Admin. This insures that anu changes done by you or any other admins is tracked and documented. It also ensures that someone does not change something by accident causing unforeseen issues. Watch the full episode online at: . Does this type (MAM) policy require a device to have a broker app like MS Authenticator?A. Yes, Intune Company Portal app is required for applying security policies on the device. End users can download the app from the App store or Google Play. MS Authenticator is an optional app, highly recommended for MFA with Azure AD. Watch the full episode online at: . Microsoft docs says, iOS needs MS Authenticator and Android should have Intune Company PortalA. Intune Company Portal app is required for applying security policies on both Android and iOS devices. End users can download the app from the App store or Google Play. MS Authenticator is an optional app, highly recommended for MFA with Azure AD. Watch the full episode online at: . How to manage content in Teams? Do other companies have policy around collaboration platform. Any suggestions?A. There are a series of default templates by industry but the best way to see what other companies are doing is in our TechCommunity and in our Customer Stories . Watch the full episode online at: . Can you talk about 'Email one-time passcode authentication?Here is the article that discusses the One Time Passcode for sharing: . Watch the full episode online at: . If User X is already covered by a App Protection Policy from Company A ... and now wants to chat with My company .. does Teams support having over-lapping Intune App Protection Policies? I know Outlook can't do that.No, only one management authority is supported with Intune App Protection Policies at a time. Watch the full episode online at: . ................
................
In order to avoid copyright disputes, this page is only a partial summary.
To fulfill the demand for quickly locating and searching documents.
It is intelligent file search solution for home and business.
Related searches
- biological resource center locations
- biological resource center illinois
- biological resource center rosemont
- biological resource center investigation
- biological resource center rosemont il
- biological resource center phoenix
- biological resource center of illinois
- biological resource center phoenix arizona
- biological resource center investigation fbi
- biological resource center phoenix az
- biological resource center brc