Microsoft’s latest Teams update makes it easier to chat with external users—but IT admins are wary of the security trade-offs.
Key Takeaways:
Microsoft Teams has started rolling out a new update that lets users start a chat with anyone using just their email address, even if the recipient doesn’t have a Teams account. This new feature is available for small and medium business customers with a Teams Essentials, Business Basic, Business Standard, or Business Premium subscription.
The “chat with anyone” feature is similar to federated chat, but the external participant doesn’t need to have a Microsoft Teams account. Instead, they are added to the host organization’s tenant as a guest, which allows them to engage in conversations without being a native Teams user.
“We’re introducing a new capability in Microsoft Teams that allows users to start a chat with anyone who has an email address—even if they’re not currently using Teams. The recipient will receive an email invitation to join the chat session as a guest, enabling seamless communication and collaboration. This update simplifies external engagement and supports flexible work scenarios,” the company explained on the Microsoft 365 admin center.

The chat experience will be governed by the organization’s Entra B2B Guest policy to ensure that all communication stays within secure boundaries. This feature will be enabled by default, though administrators can disable it if needed.
To disable the new Teams chat feature for specific users, administrators can use the Set-CsTeamsMessagingPolicy cmdlet with the UseB2BInvitesToAddExternalUsers parameter set to $false.
Since external users are added as guests in the tenant, Microsoft Teams users must have permission to invite guests. Additionally, the organization’s B2B collaboration policy must allow guest invitations from the external user’s domain. If that domain is blocked or a guest account can’t be created, the chat feature won’t work.
Guest accounts are also subject to security measures like multifactor authentication, which may require tools like the Microsoft Authenticator app. For added protection, Microsoft Defender for Office 365 can help block malicious content in chats.
IT administrators have expressed concerns about the new Teams feature that allows chatting with external users via email, primarily due to security and governance implications. This feature could potentially increase the risk of unauthorized access or data leakage, especially if not properly monitored. Admins are concerned that enabling this feature by default may bypass existing controls or policies designed to limit external collaboration.
Additionally, this change introduces management overhead, as IT teams now need to actively track and manage guest accounts. It may also conflict with organizations that have strict compliance or data residency requirements. This makes it harder to maintain a secure and controlled environment without additional configuration or policy adjustments.