Microsoft has rolled out a new admin policy for Teams that detects third-party bots trying to join meetings, parks them in the lobby, labels them clearly, and makes the organiser approve them before they get in — as reported by BleepingComputer. Even in meetings where participants can skip the lobby, flagged bots still have to wait for approval. Allow-lists for sanctioned bots, full blocking and audit reports are coming next.
If you’ve sat in many video calls this year, you’ve met the problem. AI notetakers — Otter, Fireflies, Read.ai and friends — turn up in meetings nobody consciously invited them to, usually because someone once connected the tool to their calendar and it now follows every event. We’ve watched them appear in client meetings all year, and in about half the cases the person who “brought” the bot didn’t realise it would come. That’s more than an etiquette problem in Australia. Recording a conversation without proper consent can put you on the wrong side of state surveillance-devices laws — in NSW, all parties generally need to agree — and a transcript full of client details sitting on a third-party server is a Privacy Act question your business owns, not the bot vendor. There’s a security angle too: Microsoft has spent the year adding Teams controls because attackers have been abusing the platform for helpdesk impersonation and malware delivery.
The catch: it isn’t on by default. Your admin needs to enable “Manage external bots and their access to meetings” in the Teams admin centre and assign it to users or groups. Decide which notetakers you actually sanction, switch the policy on, and tell your team what the new lobby prompt means.
If we manage your Microsoft 365, ask us to turn it on — it’s a five-minute job.
