🎯 Purpose
✅ Enforce a secure Microsoft Teams meeting baseline, aligned with Essential Eight – Initial Baseline Protections (IBP / Maturity Level 1) and ASD guidance.
➡️ This policy protects meetings against unauthorised access, data leakage, and identity abuse while maintaining collaboration.
👥 Who is affected
✅ Users: All users (once assigned)
🚫 Exclusions: None
➡️ All users governed by this policy must follow the same secure meeting controls.
☁️ What access is protected
✅ Service: Microsoft Teams meetings
✅ Meeting types: Scheduled, ad‑hoc, channel meetings
✅ Participants: Internal, external, anonymous (restricted)
➡️ Any Teams meeting created by governed users is protected by this policy.
🔐 How meeting security is enforced
✅ Anonymous users cannot join, start, or dial out
✅ Anonymous authentication enforced via One‑Time Passcode (OTP)
✅ Lobby admission restricted to Organizers & Presenters
✅ Auto‑admit set to Organizer only
✅ Participants cannot change their display name
➡️ Impersonation and unauthorised access are prevented.
ℹ️ Note: These controls strengthen identity verification and reduce phishing and social‑engineering risk during meetings.
🎥 How content and recordings are protected
✅ Local recording disabled
✅ Cloud recording allowed only to OneDrive / SharePoint
✅ Recording storage outside region blocked
✅ Recording expiration enforced (120 days)
✅ Watermarking enabled for screen sharing, camera video, and anonymous users
✅ Screen capture digitization detection enabled
✅ Live streaming and NDI streaming disabled
➡️ Meeting content is protected from uncontrolled distribution and data exfiltration.
⚙️ What this policy does NOT enforce
🚫 Conditional Access sign‑in controls
🚫 Device compliance requirements
🚫 Network or firewall restrictions
🚫 Advanced AI automation (auto‑start Copilot)
➡️ These controls are intentionally excluded at IBP / Maturity Level 1.
🟢 Policy status
✅ Created
⚠️ Not assigned (must be assigned to users or groups)
✅ Ready for enforcement once assigned
📘 Essential Eight Alignment
✅ Supports Essential Eight – Baseline Controls (IBP / Maturity Level 1)
✅ Reduces unauthorised access to collaboration tools
✅ Protects sensitive information shared during meetings
ℹ️ Stronger restrictions and tighter collaboration controls are addressed in Maturity Levels 2 and 3
📘 Practical Interpretation (Executive‑Friendly)
This Teams meeting policy ensures that:
✅ Meetings cannot be joined anonymously
✅ Participant identities are protected and verifiable
✅ Recordings and shared content are controlled and auditable
✅ Collaboration remains enabled with sensible safeguards
This establishes a secure, ASD‑aligned meeting baseline suitable for Essential Eight Initial Baseline Protections and provides a clear foundation for uplift to stricter meeting controls in higher maturity levels.