External Storage in Microsoft Teams [CHK-1620]
This setting determines whether users can open files from external storage services in Microsoft Teams. By default, SharePoint is the file location for Teams, but users may also connect to services like Dropbox, Box, Google Drive, OneDrive Personal, and others.
Rationale
Allowing connections to external storage services can lead to corporate information leaks and malware infection from untrusted storage. Blocking these connections reduces the risk of infection and data leaks.
Fix
An automated fix is available through Attic. To fix it yourself:
- Go to the Microsoft Teams admin center at https://admin.teams.microsoft.com.
- Click on Teams and select Teams settings.
- Set all unauthorized storage services to Off.
Impact
Disabling external storage services in Teams will prevent data leaks and malware infections from untrusted sources.
More Information
For more details, visit Microsoft 365 Enterprise.
CIS Mapping
- CIS Item: 8.1.1 (L2) Ensure external file sharing in Teams is enabled for only approved cloud storage providers (Automated)
- Profile: E3 Level 2