Particle.news

Microsoft Adds Admin Controls to Stop External Bots in Teams Meetings

A new Teams admin policy routes detected bots to the lobby, labels them for organizers, and requires human approval by default.

Overview

  • Microsoft began rolling out the new Manage external bots and their access to meetings policy in late June and the default setting now requires an organizer to approve detected bots before they join.
  • Teams uses a mix of behavioral and infrastructure signals to identify likely bots so the system can distinguish automated agents from human participants when they try to join.
  • Detected bots are sent to the meeting lobby and visually marked as registered or suspected threats so organizers can see who is waiting and make informed admission choices.
  • The experience adds UI safeguards to reduce accidental admission, including removing one-click Admit for identified bots, showing confirmation prompts, warning on Admit all, and retiring the older CAPTCHA verification policy.
  • Microsoft is previewing a Teams Bot Identification Program for ISVs to register known bots and says it will add admin features such as allow lists, org-wide blocks, and audit reports to give organizations more control and traceability, which should cut accidental data exposure and ease investigation of unwanted participants.