Report a Security Concern in Teams [CHK-1628]
This check verifies if users can report a security concern in Teams. If disabled, users may not be able to report suspicious messages, files, or links directly from Teams to Microsoft and to security administrators within the organization.
Rationale
Users are often the first to notice suspicious activities in Teams. By enabling the "Report a Security Concern" feature, a human defense layer is created that complements automated security measures. This feature adds a report button to Teams messages, which helps quickly identify phishing campaigns, compromised accounts, or new attack techniques.
Fix
An automated fix is available through Attic. The fix enables AllowSecurityEndUserReporting for Teams.
Manual steps:
- Navigate to Microsoft Teams Admin Center https://admin.teams.microsoft.com
- Select Messaging.
- Select Messaging policies.
- Navigate to the global tab.
- Scroll down and enable "Report a security concern".
- Save the changes.
Impact
Enabling this feature allows users to report suspicious messages and files to your security team, thereby enhancing the security of your organization.