Teams – You can now enable quarantine for Teams (preview)

You are probably already aware about the capability to enable for messages sent using Teams (Safe Links).

Well, you can now also enable quarantine capabilities for Teams to help protect your users from malicious message.

In fact, it is an extension of the Safe Links capability to support ZAP (Zero-hour Auto Purge), quarantine and reporting.

This new capability requires a Defender for Office 365 P2 license.

Interestingly, to enable it you need to connect to Exchange Online using the Exchange Online PowerShell module (available here https://www.powershellgallery.com/packages/ExchangeOnlineManagement/).

So first connect to Exchange Online using the below command

Connect-ExchangeOnline

Then check the status for the Teams Security Preview using the command

Get-TeamsSecurityPreview

image

If it is not enabled (default), then run the command

Set-TeamsSecurityPreview -Enable $true

image

Then access your Defender portal (https://defender.microsoft.com/) to access the Settings\Email & collaboration\User reported settings blade to enable monitoring for Teams

image

Then you need to update your Teams messaging policy – I will share with the PowerShell as the Teams administration portal is always behind:

Connect-MicrosoftTeams

Set-CsTeamsMessagingPolicy -Identity <messaging policy identity> -AllowSecurityEndUserReporting $true

You are set, your users will now be able to report messages by using the ellipsis shown top left of a message and selecting More actions\Report this message 

image

You can review Teams message in quarantine by accessing the Teams messages tab (https://defender.microsoft.com/quarantine)

image  image

Leave a Comment

Your email address will not be published. Required fields are marked *


The reCAPTCHA verification period has expired. Please reload the page.