Microsoft is set to roll out an update for collaboration platform Teams that will add a layer of friction to using third-party app integrations, but for good reason.
“In order to better secure Microsoft Teams third-party applications that request native device permissions – such as camera, microphone or location access – we will be requiring users to manually opt-in for these permissions per app in the Microsoft Teams web browser experience,” wrote Microsoft.
This is already the case across the Microsoft Teams desktop and mobile clients, the roadmap entry goes on to explain.
The new web client permissions system is still under development, but should take effect for all users by February next year.
Microsoft Teams apps
Since the start of the pandemic, collaboration software vendors like Microsoft, Zoom and Slack have worked hard to expand upon in-built functionality (video conferencing, VoIP, messaging, file-sharing etc.) with third-party integrations.
In Microsoft’s case, the company is aiming to turn Teams into a central hub for work, by building as wide a range of functionality into the platform as possible, from cloud storage and CRM to project management, calendering and more.
Only last week, Microsoft revealed it is developing a new-look app store that should make it easier to identify the most useful third-party integrations on a per user basis.
As the number of Teams applications grows, however, the likelihood one might be abused for cybercriminal purposes rises too. To nip any potential issues in the bud, Microsoft will soon require users to manually specify app permissions across all Teams clients (desktop, mobile and now browser).
Of course, the measure won’t stop users from giving malicious apps access to their webcam and audio feed, but at the very least it will force people to think twice about which apps they engage with.