The availability of the delete API (removeallaccessforuser API) does not stop a malicious user from resending a Microsoft Teams message to the same victim. To help prevent that, a block user feature will allow the admin to block the malicious user from reaching out again. To make this possible, we will use a similar feature as the allow/block list in federation identity credentials to block the malicious user from the entire organization.
This message is associated with Microsoft 365 Roadmap ID 411138.
[When this will happen:]
General Availability (Worldwide): We will begin rolling out late October 2024 and expect to complete by early November 2024.
[How this will affect your organization:]
Admins can now set up a list of users that are blocked from collaborating with their organization. If a user is added to the block list, your organization will not be able to have 1:1 and group chats with these users. If chats already exist before a user is added to the block list, the blocked user will be removed from the chat.
This feature is turned off by default.
[What you need to do to prepare:]
If you wish to use this feature, navigate to external access organization settings to turn this feature on and add users to the block list.
Source: Microsoft
The upcoming update in Microsoft Teams will introduce a block user feature that allows admins to prevent malicious users from contacting their organization again. This feature will be similar to the allow/block list in federation identity credentials, ensuring better security for your organization. So, admins can now create a list of blocked users, preventing them from engaging in 1:1 and group chats with your organization. If a user is added to the block list, existing chats with them will also be removed.
In terms of impact, admins will have more control over who can communicate with their organization, enhancing security measures. Users will experience a safer and more secure communication environment without the risk of unwanted messages from malicious users.
As for criticality assessment, this update is crucial for maintaining a secure communication environment within organizations. It addresses a potential vulnerability by providing a proactive solution to block malicious users, ultimately safeguarding sensitive information and ensuring a safer digital workspace.
So, get ready to navigate to external access organization settings to enable this feature and start adding users to the block list for enhanced security. Remember, this feature is turned off by default, so take the necessary steps to activate it and protect your organization from unwanted communication.