Forum Discussion
Solved
External Access - What can external users do?
Dear community,
I just got external access working with both test tenants that my organization has. However, I want to clarify some things about what external access opens up for other users from other organizations (in case of "open federation"). My questions are the following:
1. In case of "Open Federation / no blocked domains": Can anyone who has access to my emailaddress, has Teams and external access with "open federation" as well, just send me a chat message, without any form of me having to accept that incoming chat message?
2. In case of "Open Federation / no blocked domains": Can anyone who has access to my emailaddress, has Teams and external access with "open federation" as well, just give me an ad hoc call via their Teams chat, without any form of me having to accept that incoming call?
I am asking this just to make sure I get this straight. Because if there is no sort of security in the sense of blocking incoming external calls or messages when using external access in combination with "Open federation", then potentially you open up a new channel for spamming and phishing right?
Thank you so much for your help,
Sylvester
Sylvester- I think it really depends on HOW the other Federated domains have their configuration set.
The first link doesn't exactly mention IF the External participants can see your e-mail. However, If they already have it then they would be able to send a Chat request or add you as a Contact. I suppose a malicious user in a Federated Domain could spray your users if they had a list of e-mails but that is very low chance if the Federated domain is trustworthy.
I did find another article at the very bottom of the first doc that tries to explain External versus Guest.
5 Replies
- Lots of good information here https://docs.microsoft.com/en-us/microsoftteams/manage-external-access HERE https://techcommunity.microsoft.com/t5/healthcare-and-life-sciences/getting-started-with-microsoft-teams-guest-access-answers-to-top/ba-p/683930 AND Here https://docs.microsoft.com/en-us/microsoftteams/guest-experience
Hi Forrest_H ,
Thanks for the quick response! In your references I see a lot of information on Guest Access. However, guest access is something different compared to External Access. Guest access allows collaboration and also much more control in terms of security.
My questions are purely about external access with open federation. However I cannot find answers to my specific questions as stated before when going through the Microsoft documentation. Any more ideas?
Thanks,
Sylvester
Sylvester- I think it really depends on HOW the other Federated domains have their configuration set.
The first link doesn't exactly mention IF the External participants can see your e-mail. However, If they already have it then they would be able to send a Chat request or add you as a Contact. I suppose a malicious user in a Federated Domain could spray your users if they had a list of e-mails but that is very low chance if the Federated domain is trustworthy.
I did find another article at the very bottom of the first doc that tries to explain External versus Guest.
