The Teams service model is subject to change in order to improve customer experiences. For example, the default access or refresh token expiration times may be subject to modification in order to improve performance and authentication resiliency for those using Teams. Any such changes would be made with the goal of keeping Teams secure and Trustworthy by Design.

Microsoft Teams, as part of the Microsoft 365 and Office 365 services, follows all the security best practices and procedures such as service-level security through defense-in-depth, customer controls within the service, security hardening, and operational best practices. For full details, see the Microsoft Trust Center.

Teams is designed and developed in compliance with the Microsoft Trustworthy Computing Security Development Lifecycle (SDL), which is described at Microsoft Security Development Lifecycle (SDL). The first step in creating a more secure unified communications system was to design threat models and test each feature as it was designed. Multiple security-related improvements were built into the coding process and practices. Build-time tools detect buffer overruns and other potential security threats before the code is checked in to the final product.

It's impossible to design against all unknown security threats. No system can guarantee complete security. However, because product development embraced secure design principles from the start, Teams incorporates industry standard security technologies as a fundamental part of its architecture.

Network communications in Teams are encrypted by default. By requiring all servers to use certificates and by using OAUTH, Transport Layer Security (TLS), and Secure Real-Time Transport Protocol (SRTP), all Teams data is protected on the network.

How Teams handles common security threats

This section identifies the more common threats to the security of the Teams Service and how Microsoft mitigates each threat.

Teams uses the PKI features in the Windows Server operating system to protect the key data used for encryption for the TLS connections.

Teams mitigates against these attacks by running Azure DDOS network protection and by throttling client requests from the same endpoints, subnets, and federated entities.

Eavesdropping occurs when an attacker gains access to the data path in a network and has the ability to monitor and read the traffic. Eavesdropping is also called sniffing or snooping. If the traffic is in plain text, the attacker can read the traffic when the attacker gains access to the path. An example is an attack performed by controlling a router on the data path.

Teams uses mutual TLS (MTLS) for server communications within Microsoft 365 and Office 365, and also uses TLS from clients to the service. MTLS makes eavesdropping difficult or impossible to achieve within the time period of a single conversation. TLS authenticates all parties and encrypts all traffic. While TLS doesn't prevent eavesdropping, the attacker can't read the traffic unless the encryption is broken.

The TURN protocol is used for real-time media purposes. The TURN protocol doesn't mandate the traffic to be encrypted and the information that it's sending is protected by message integrity. Although it's open to eavesdropping, the information it's sending, that is, IP addresses and port, can be extracted directly by looking at the source and destination addresses of the packets.