Microsoft Teams adds new admin policy to block unauthorized third-party bots from meetings
Microsoft has introduced a Teams admin policy that blocks unauthorized third-party bots from joining meetings without organizer approval, with additional controls including bot allow lists and audit logs coming soon.
Microsoft has introduced a new Teams admin policy that allows meeting organizers to prevent third-party bots from joining without explicit approval. The feature, rolling out across Windows, macOS, Android, and iOS for standard multi-tenant and GCC environments, gives organizations more control over automated participants in meetings.
Once enabled, the policy automatically detects potential bots, places them in the meeting lobby, clearly labels them as non-human participants, and prompts the organizer to confirm admission. Even in meetings where attendees normally bypass the lobby, bots identified by this policy will still require organizer approval before joining.
Growing threat from external bots and impersonation
Microsoft has been expanding its Teams security posture in response to increasing abuse of the platform by cybercriminal groups. In December 2025, Microsoft added the ability for admins to block external Teams users via the Defender portal to prevent ransomware groups from exploiting Teams in social engineering attacks. In January 2026, Teams introduced fraud protection features for calls that warn users about callers impersonating trusted organizations. More recently, in April 2026, Microsoft warned that attackers are increasingly using external Teams collaboration to gain access and move laterally on enterprise networks, often impersonating IT or helpdesk staff.
- The new policy is called “Manage external bots and their access to meetings” and can be assigned to individual users or specific groups via the Teams Admin Center.
- Additional admin controls are planned, including allow lists for approved bots, policies to block external bots entirely, admin reports, and audit logs on bot detection and presence.
- More granular controls aligned to different security requirements are also in development, though Microsoft has not specified a release date.
Next steps for Teams bot management
Microsoft is also developing a call reporting feature, announced for mid-March 2026, that will allow users to flag unwanted or suspicious calls as potential phishing or scam attempts. Together, these updates signal Microsoft’s effort to make Teams a less attractive vector for attackers who have historically used external chats and bot impersonation to trick employees into granting remote access.
The new bot policy is available now for customers on Windows, macOS, Android, and iOS in worldwide standard multi-tenant and GCC cloud environments. Microsoft has not announced pricing changes or additional licensing requirements tied to the feature.
Fact check
- Microsoft introduced a new Teams admin policy that blocks unauthorized third-party bots from joining meetings without organizer approval. (reported)
- Once enabled, the policy automatically detects potential bots, places them in the lobby, labels them, and requires organizer approval. (reported)
- Additional admin controls including allow lists, policies to block bots entirely, and admin reports/audit logs are planned. (reported)
- In December 2025, Microsoft added ability to block external Teams users via Defender portal to prevent ransomware groups from abusing Teams. (reported)
- In April 2026, Microsoft warned that attackers are increasingly using external Teams collaboration for access and lateral movement. (reported)