Inside Out Security Blog » IT Pros » What SysAdmins Can Expect for Microsoft Teams in 2021

With the pandemic increasing work-from-home in 2020, Microsoft Teams is poised to stake its claim as the enterprise collaboration platform in 2021. Microsoft has been rapidly adding features and functionality to make its users more collaborative both at home and in the office. In this post, I will outline what features to watch for in 2021 as well as my predictions and wishlist items for Microsoft Teams. I will also cover my top security best practices to review for your Teams deployment.

Microsoft Teams Trends in 2021

Below I’ll cover some of the most important things to look out for in Microsoft Teams this year including coming back into the office, meeting compliance standards and more.

Returning to the Office

Many organizations are beginning to return to the office in a staggered fashion. To prevent overcrowding in an office space, organizations are developing ways to schedule employees coming into the office. Microsoft Teams can help! Microsoft Shifts allows managers and departments to create schedules, and users can book their preferred workspace using the Microsoft Shifts app inside of Teams on their desktop or mobile clients. Microsoft Shifts is included in every Teams license at no additional charge. Read more about using Shifts in Return to Work – Office Space Distancing.

Enhancing the Meeting Room Experience

Last year, Microsoft released several improvements around the meeting room experience in response to the pandemic, including proximity join for Teams conference phones. This feature enabled a touchless experience for in-person meeting attendees. In 2021, organizations can expect Microsoft to continue meeting room improvements to support returning to the office such as:

• Capacity notifications: A Teams Room device can notify in-room meeting attendees if the room is over-capacity-based.
• Voice commands: Attendees can use voice commands to manage controls on Teams Room devices.
• Device casting: Attendees can present content from their mobile phones to a Teams Room device.
• Room Remote: Users can manage meeting devices through their Teams mobile app, such as turning microphones on and off, adjusting audio, or leaving the meeting.
• Zero-touch provisioning: Administrators can remotely provision and sign into Teams devices from the Teams admin center

Microsoft is also releasing a new category of Teams devices with Microsoft Teams Panels. These devices are mounted outside a meeting space and provide users with information on the meeting room. Users will be able to view upcoming scheduled meetings in the space, reserve the room, or view nearby rooms that are available.

Innovating with Teams Voice and Devices

Microsoft continues to position Teams as the replacement for your legacy phone system with new features and enhancements to drive collaboration. While Microsoft already works with many vendors to provide Teams-certified devices, Microsoft is pushing this collaboration to make replacing phone hardware as easy as possible.

Collaborative Calling in Channels

The Microsoft Teams Phone System license includes access to voice features, such as call Queues. Call Queues distribute incoming calls to a group of agents. Right now, Microsoft is lacking reporting around call queues such as the number of calls answered by agents. Later this year, Microsoft is releasing Collaborative Calling, which enables connecting a Call Queue to a channel in Teams.

Agents can collaborate while taking calls in the queue, and team owners can manage Call Queue settings. Collaborative Calling is designed for groups such as IT service desks or an HR hotline. I’m excited about this feature and bringing more reporting capabilities to organizations.

More Affordable Phone Devices

Microsoft continues to work with hardware vendors to provide more certified Teams devices. In the first half of this year, these partners are releasing a new line of affordable Teams phones that rely less on digital screens and have physical buttons, high-quality audio, and core calling features. These phones are ideal for common areas and for information workers who only need basic functionality. Check with your current Microsoft Teams hardware vendor for more information.

Speaking of phones, Microsoft is also extending support to non-branded Teams SIP phones from vendors such as Cisco, Yealink, Poly, and others. This functionality will allow organizations to utilize Microsoft Teams with their existing SIP phone purchases for core-calling features only. Details on what features these will have not been released yet.

Organizations will be able to save some initial costs for their migration to Teams voice without purchasing new desktop phones. For a full, rich Microsoft Teams experience, organizations should still consider moving to a Teams-certified headset. Microsoft is releasing support for these devices in the first half of 2021.

Taking Teams Meetings to the Next Level

While Teams meetings and Live Events are great for internal and external collaboration, many organizations would like to host webinars in Teams. Coming in the first half of 2021, Microsoft is releasing the ability to add a custom registration page to Teams meetings to manage attendance. After a person registers for the meeting, the attendees will receive an automatic email invitation with the webinar meeting invite. After the meeting is complete, meeting organizers can view a reporting dashboard to understand attendee engagement.

In 2020, Microsoft announced the release of a new Teams add-on SKU called Advanced Communications. Advanced Communications provides more calling and meeting capabilities to expand audience reach and customization. Already available, organizations can use this new plan to increase Live Events to 20,000 participants.

Later this year, the service will enable interactive meetings of up to 1,000 participants (over the current 300 maximum) with up to 20,000 participants joining in a view-only mode. Organizations can also design the meeting lobby with their branding. To me, the Advanced Communication license is not a license that every user will need but only key people who need these additional meeting options.

Meeting Regulatory and Security Requirements

As more workloads are consumed in the cloud, security is always a top issue for systems and security administrators. In this upcoming year, Microsoft is providing organizations new tools to meet the challenge.

Bring Your Own Key

By default, Microsoft encrypts Teams data at rest inside their data centers. Currently in preview and being released to tenants later this year, Microsoft is allowing customers to bring their own encryption keys for their Teams data. Other services such as Exchange Online, SharePoint Online, and OneDrive currently have this feature. This feature is a big win for organizations with regulatory requirements to control their own encryption keys.

Graph API Enhancements

Exporting Teams content out of the Office 365 admin center is currently not a great experience. However, later this year, Microsoft will add a new capability to the Microsoft Graph API for exporting messages. The Graph API can access private and group chats along with attachment and media. Organizations can export messages for retention, indexing, e-discovery, and classification to meet regulatory requirements.

Teams Security Best Practices

While organizations rushed to roll out Teams during the pandemic, many may have not taken the time to review the policies are securing their deployment. Here are my top security tips for securing Teams for your users.

Guest Access

With guest access, your users can invite people outside the organization to participate in a team’s channels, chats, documents, and applications. These guests do not require an account in your organization to sign in and access your resources. They can use their existing business account (via their own Office 365 tenant) or a consumer email account (outlook.com, gmail.com, and others).

Guest Access can be disabled in the Teams admin center by navigating to Org-wide settings > Guest access. If you decide to leave it enabled, you restrict what features guests have access to, such as calling, meeting, and messaging. You can also set domain allow or block lists in Azure Active Directory to limit which domains are allowed as guest users.

On February 8, 2021, Microsoft made a change to the default settings for guests in Microsoft Teams. Microsoft enabled guest access by default for customers who have not previously configured this setting. This change brings Teams in alignment with other services in the Office 365 suite where it is enabled by default. If you haven’t previously configured guest access in your Teams tenant, go and verify the setting is what you want it to be.

External Access

External access, or federation for legacy Lync and Skype administrators, allows your users to call and chat with users outside your organization. In external access, the external user is using their own Teams or Skype account to communicate with your internal user. External access does not allow the outside user to participate in conversations in a team’s channels like guest access does.

By default, a Teams tenant is set to open federation, meaning people in your organization can communicate with external organizations in any domain (assuming the external domain allows communication too). Like guest access, administrators can set allow and block lists for domains to limit this federated communication.

To configure federation, in the Teams admin center, navigate to Org-wide settings > External access. Here you can allow your users to communicate with other Teams, Skype for Business, or Skype consumer users. If you add any allowed domains, then all other domains will be blocked. Likewise, if you add any domains to the block list, then all other domains are allowed. You cannot mix allowed and block domains in the list. If you turn off external access, users can still join your organization’s meetings through anonymous join (if allowed).

Meeting Policies

Meeting policies hold a wealth of security options for your Teams meetings. You can access the policies by navigating to Meetings > Meeting policies. Here are my recommended settings for a few of these controls:

• Allow an external participant to give or request control: Disable this setting so only internal users can control a presenter’s screen
• Let anonymous people start a meeting: Disable this setting to prevent unauthenticated users who dialed in to a meeting from starting the meeting without an authenticated person present
• Roles that have presenter rights in meetings: Configure so everyone in the organization is automatically a presenter but external users are attendees. Attendees have fewer permissions in a meeting. The meeting organizer can modify this setting when scheduling a meeting.
• Automatically admit people: Configure so everyone in your organization is automatically admitted to the meeting but external people are admitted through the lobby.

For absolute meeting security, you can navigate to Meetings > Meeting settings and disable any anonymous user from joining a meeting. If you configured allowed or blocked domains in external access settings, then external users only in those domains can join your meetings.

My Teams 2021 Predictions and Wishlist

While Microsoft Teams is making great strides, here are a few predictions and wishlist items I’d like to see:

• Increased Cortana integration: Microsoft is adding Cortana to control Teams Rooms Devices, I predict Cortana will continue to integrate into Teams at the personal level through devices and the desktop client.

• Improved Client: The ability to pop-out meetings, chats, and apps has been a fantastic UI improvement. I’d like to see the ability to open multiple instances well as a tabbed chat window.

• Better Tenant Switching: If you are a guest in another tenant, switching the Teams client is a bit of a pain. While tenant switching speed has improved, I’d like to see a model more like Slack workspace switching.

Microsoft Teams Moving Forward

In 2020, we saw Microsoft Teams have rapid improvements and features released in response to the pandemic. Microsoft will continue this momentum into 2021 to cement Teams as the premier enterprise collaboration. For more information on securing Microsoft Teams, check out How to Use Microsoft Teams Safely and Safely.