To address that, Microsoft this week made one of its biggest moves yet to open up its Teams platform to allow more effective collaboration between users across various organizations. Their most recent feature, however, is a powerful new addition that allows users to talk with people beyond their organizations with external message requests. It is projected to be available worldwide by January 2026. It’s a great improvement that will make things more convenient, while introducing significant security issues that businesses need to be aware of.
This feature will be rolled out by default, with it being easy for users to chat with external contacts through a seamless experience. If the recipient is already on Teams, they will receive an inline notification directly within the chat or channel. This alert will show up in-app as an external message request. This functionality, along with other collaboration enhancements, is designed to help improve communication and encourage teamwork across R&D.
Understanding Guest Access and External Access
It is important to differentiate between guest access and external access in Microsoft Teams. Guest access allows everyone to collaborate securely within a single additional organization’s Teams environment. This is different from external access, which allows people to find, call, or message Teams users outside of their organization.
Organizations have control over these capabilities, since they can turn off external message requests via the TeamsMessagingPolicy. If administrators want to disable this feature for their tenant, they need to specifically set the “UseB2BInvitesToAddExternalUsers” parameter to false. These types of measures help guarantee that organizations can keep external communications secure while still allowing for agile and effective external communication.
“When users operate as guests in another tenant, their protections are determined entirely by that hosting environment, not by their home organization.” – Rhys Downing
The implications of this feature change have broader impacts on data protection and user security. While organizations explore the possibilities presented by these new improvements, they should weigh the dangers of enabling access for external users.
Security Concerns Raised by Experts
As organizations plan for the rollout of this new feature, security experts are calling attention to a handful of potential vulnerabilities. As security researcher Rhys Downing pointed out, this is the second major problem. He cautioned that his victim’s organization may have no idea what risks users are exposed to when interacting with outside tenants. Unfortunately, this lack of awareness can quickly translate into dangerous security blind spots.
It is imperative for all organizations to take the initiative to secure their agency and to know what it means to allow outside access through Teams.
“These advancements increase collaboration opportunities, but they also widen the responsibility for ensuring those external environments are trustworthy and properly secured.”
Microsoft’s recent announcement is a testament to their focus on creating a more efficient and collaborative workspace, all while putting user needs first. The company stated that
Microsoft’s Commitment to Collaboration
This increased emphasis on making communication easy does not negate the need for user security. It absolutely puts user experience front and center.
“The recipient will receive an email invitation to join the chat session as a guest, enabling seamless communication and collaboration.”
This focus on facilitating communication underscores the importance of user experience while balancing security concerns.