Teams: Only Organizers Can Present (Default)

💼 Management Summary

Restrict presenting to organizers only (default). This prevents attendees from sharing inappropriate or malicious content.

Recommendation: IMPLEMENT
Risk without: Low
Risk Score: 4/10
Implementation: 3h (tech: 1h)
Applies to: ✓ Microsoft Teams

Presenting = content control. Attack scenarios: an attendee shares phishing sites (fake login pages), inappropriate content (harassment), confidential data (accidental screen share) or malware demos (social engineering). Organizer-only presenting gives meeting control: only the organizer and co-organizers can share their screen, attendees can view but cannot present (unless promoted), and the attack surface is reduced because fewer users can inject content.

Required PowerShell Modules
Primary API: Microsoft Graph API
Connection: Connect-MicrosoftTeams
Required Modules: MicrosoftTeams

Implementation

Organizer-only presenting is set through the meeting policy: DesignatedPresenterRoleMode = OrganizerOnlyUserOverride. By default organizers can present and attendees cannot, unless the organizer promotes them during the meeting. This keeps flexibility: the organizer can promote attendees ad hoc, as a per-meeting decision.

Requirements

  1. Microsoft Teams
  2. Teams meeting policy

Implementation

Teams Admin Center → Meetings → Meeting policies → Participants & guests → Who can present: Only organizers and co-organizers (or: Organizers, co-organizers, and presenters - if promoting is needed).

Compliance

BIO 09.02 (Access control), ISO 27001 A.9.2.1.

Monitoring

Use the PowerShell script only-organizers-present.ps1 (function Invoke-Monitoring) – Check.

Remediation

Use the PowerShell script only-organizers-present.ps1 (function Invoke-Remediation) – Restore.

Compliance & Frameworks

Automation

Use the PowerShell script below to monitor and implement this security control. The script contains functions for both monitoring (-Monitoring) and remediation (-Remediation).

PowerShell
```powershell
<#
.SYNOPSIS
    Only Organizers Can Present
.DESCRIPTION
    Restricts presentation rights to organizers only for enhanced security
.NOTES
    NL Baseline v2.0
#>

#Requires -Version 5.1
#Requires -Modules MicrosoftTeams

[CmdletBinding()]
param(
    [switch]$Monitoring,
    [switch]$Remediation
)

$ErrorActionPreference = 'Stop'

Write-Host "`n========================================" -ForegroundColor Cyan
Write-Host "Only Organizers Present" -ForegroundColor Cyan
Write-Host "========================================`n" -ForegroundColor Cyan

function Invoke-Monitoring {
    try {
        Connect-MicrosoftTeams -ErrorAction Stop

        # Only the tenant-wide default (Global) meeting policy is checked.
        $policy = Get-CsTeamsMeetingPolicy -Identity Global

        $result = @{
            isCompliant   = ($policy.DesignatedPresenterRoleMode -eq 'OrganizerOnlyUserOverride')
            presenterMode = $policy.DesignatedPresenterRoleMode
        }

        Write-Host " Presenter Mode: $($policy.DesignatedPresenterRoleMode)" -ForegroundColor $(
            if ($result.isCompliant) { 'Green' } else { 'Yellow' }
        )

        Write-Host "`n Presenter Options:" -ForegroundColor Cyan
        Write-Host " • OrganizerOnlyUserOverride: Organizer only (most secure)" -ForegroundColor Green
        Write-Host " • EveryoneInCompanyUserOverride: Everyone in organization" -ForegroundColor Yellow
        Write-Host " • EveryoneUserOverride: Everyone including external" -ForegroundColor Red

        Write-Host "`n Security Benefits:" -ForegroundColor Cyan
        Write-Host " • Prevents unauthorized presentations" -ForegroundColor Gray
        Write-Host " • Maintains meeting control" -ForegroundColor Gray
        Write-Host " • Reduces security risks" -ForegroundColor Gray
        Write-Host " • Ensures proper authorization" -ForegroundColor Gray

        # Exit codes: 0 = compliant, 1 = non-compliant, 2 = error.
        if ($result.isCompliant) {
            Write-Host "`n[OK] COMPLIANT - Only organizers can present" -ForegroundColor Green
            exit 0
        }
        else {
            Write-Host "`n[FAIL] NON-COMPLIANT - Presentation rights too broad!" -ForegroundColor Red
            exit 1
        }
    }
    catch {
        Write-Host "ERROR: $_" -ForegroundColor Red
        exit 2
    }
}

function Invoke-Remediation {
    <#
    .SYNOPSIS
        Restores the configuration to the desired state
    .DESCRIPTION
        This is a monitoring-only control; remediation delegates to monitoring
    #>
    [CmdletBinding()]
    param()

    Write-Host "[INFO] Dit is een monitoring-only control" -ForegroundColor Yellow
    Write-Host "[INFO] Running monitoring check..." -ForegroundColor Cyan
    Invoke-Monitoring
}

# Both functions are defined before this block so either switch can dispatch to them.
try {
    if ($Monitoring) {
        Invoke-Monitoring
    }
    elseif ($Remediation) {
        Invoke-Remediation
    }
    else {
        Write-Host "Use: -Monitoring or -Remediation" -ForegroundColor Yellow
    }
}
catch {
    throw
}
finally {
    Write-Host "`n========================================`n" -ForegroundColor Cyan
}
```
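
The script above inspects only the Global policy, while custom meeting policies assigned to users take precedence over it. The following added example (not part of only-organizers-present.ps1; the two function names and the sample policy names are made up for illustration) checks every policy object it is given and can apply the DesignatedPresenterRoleMode value named on this page, honouring -WhatIf.

```powershell
#Requires -Version 5.1
# Added example; Test-PresenterPolicy and Set-PresenterPolicyCompliant are
# hypothetical helper names, not functions from only-organizers-present.ps1.
$RequiredMode = 'OrganizerOnlyUserOverride'

function Test-PresenterPolicy {
    # Pure check: accepts any object with Identity and DesignatedPresenterRoleMode.
    [CmdletBinding()]
    param([Parameter(Mandatory, ValueFromPipeline)][psobject]$Policy)
    process {
        [pscustomobject]@{
            Identity      = [string]$Policy.Identity
            PresenterMode = [string]$Policy.DesignatedPresenterRoleMode
            IsCompliant   = ($Policy.DesignatedPresenterRoleMode -eq $RequiredMode)
        }
    }
}

function Set-PresenterPolicyCompliant {
    # Changes only non-compliant findings; supports -WhatIf and -Confirm.
    [CmdletBinding(SupportsShouldProcess)]
    param([Parameter(Mandatory, ValueFromPipeline)][psobject]$Finding)
    process {
        if ($Finding.IsCompliant) { return }
        # Get-CsTeamsMeetingPolicy reports custom policies as "Tag:<name>".
        $name = $Finding.Identity -replace '^Tag:', ''
        if ($PSCmdlet.ShouldProcess($name, "Set DesignatedPresenterRoleMode to $RequiredMode")) {
            try {
                Set-CsTeamsMeetingPolicy -Identity $name -DesignatedPresenterRoleMode $RequiredMode -ErrorAction Stop
            }
            catch {
                # Reported per policy so one failure does not stop the run.
                Write-Warning "Could not update policy '$name': $_"
            }
        }
    }
}

# Constructed sample objects, shaped like Get-CsTeamsMeetingPolicy output.
$sample = @(
    [pscustomobject]@{ Identity = 'Global';        DesignatedPresenterRoleMode = 'OrganizerOnlyUserOverride' }
    [pscustomobject]@{ Identity = 'Tag:SalesDemo'; DesignatedPresenterRoleMode = 'EveryoneUserOverride' }
    [pscustomobject]@{ Identity = 'Tag:AllStaff';  DesignatedPresenterRoleMode = 'EveryoneInCompanyUserOverride' }
)
$sample | Test-PresenterPolicy | Format-Table -AutoSize

# Against a live tenant (needs the MicrosoftTeams module and an admin session):
# Connect-MicrosoftTeams
# Get-CsTeamsMeetingPolicy | Test-PresenterPolicy |
#     Where-Object { -not $_.IsCompliant } | Set-PresenterPolicyCompliant -WhatIf
```

Run the live pipeline with -WhatIf first and review which policies would change before removing the switch.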

Risk without implementation

Low: Attendee presenting = inappropriate content risk (phishing, harassment).

Management Summary

Teams: Organizers-only presenting (default). Attendees can view. Organizer promotes ad hoc if needed. Implementation: 1-3 hours.