Raw Record Source

{
  "$type": "site.standard.document",
  "bskyPostRef": {
    "cid": "bafyreido4qhljoxablypcvrzenlczi5tvmbq7cscjerowsjsvrt6fhooka",
    "uri": "at://did:plc:xxrzfynfiasdpbxteqxi4jgq/app.bsky.feed.post/3mea7rcgy2ae2"
  },
  "description": "Teams admins will soon access a new Protection reports section in the Teams admin center to review and export user-reported security submissions for calls (from mid-April 2026) and later for chats and channels. This requires enabling user reporting settings and helps improve organizational securi...",
  "path": "/m365-message-center/message/mc1227625/",
  "publishedAt": "2026-02-07T01:00:05.000Z",
  "site": "https://blog.tophhie.cloud",
  "tags": [
    "536571"
  ],
  "textContent": "**[Introduction]**\n\nAs part of our ongoing protection investments in _Microsoft Teams_ , we will continue expanding the ways users can report suspicious or incorrect activity. Users can already report security concerns and incorrect detections in chats and channels (MC1037768, MC1147984), and more recently in calls (MC1223828). These user‑submitted reports help identify potential malicious activity and strengthen your organization’s security posture.\n\nBuilding on this foundation, we will introduce new capabilities that allow Teams administrators to review and export user‑reported security submissions directly in the _Teams admin center_. A new**Protection reports** section will be added under **_Analytics and reports_** , giving admins unified visibility into user‑reported calls, chats, and channels.\n\nThis message relates to Microsoft 365 Roadmap ID 536571.\n\n**[When this will happen]**\n\n**Phase 1 – User‑reported call data**\n\n  * **Targeted Release:** Rollout will begin in**mid‑March 2026** and complete in **late March 2026**.\n  * **General Availability (Worldwide)** : Rollout will begin in **mid‑April 2026** and complete in **late April 2026**.\n\n\n\n**Phase 2 – User‑reported chats and channels**\n\n  * This phase will add message‑level reporting for security concerns and incorrect detections.\n  * The timeline will be communicated in a future update to this Message center post.\n\n\n\n**[How this affects your organization]**\n\n_Who is affected_ : Teams administrators who have access to **Analytics and reports** in the _Teams admin center_.\n\n_What will happen_ :\n\n  * Admins will be able to view and export data about user‑submitted security reports for calls (Phase 1) and later chats and channels (Phase 2).\n  * Reported interactions will begin populating once users submit reports.\n  * Admins will be able to review reported calls or messages and take appropriate action.\n  * Admins will be able to view 1‑day, 7‑day, and 30‑day reporting windows.\n  * This feature**will require that user reporting settings be enabled** in the _Teams admin center_.\n\n\n\nA new **Protection reports** section will appear under**Teams admin center > Analytics & reports**:\n\n**[What you can do to prepare]**\n\nTo ensure reporting data is available when rollout begins, verify that end‑user reporting features are enabled:\n\n  * Enable **Report a call** : **_Teams admin center > Calling settings_**\n  * Enable **Report a security concern** and **Report incorrect detection** : **_Teams admin center > Messaging settings_**\n  * Once enabled and users begin submitting reports, access data at: **_Teams admin center > Analytics & reports > Protection reports > User‑reported security submission_**\n  * Update internal documentation if your helpdesk relies on reporting workflows.\n  * If you maintain training or onboarding materials about Teams security practices, consider adding guidance on how users can report suspicious interactions.\n\n\n\n**[Compliance considerations]**\n\n**Question**| **Answer**\n---|---\nDoes the change store new customer data, if so, where, and is the data cached or permanently stored?| Yes. This change stores new customer data because user‑submitted security reports for calls, chats, and channels are collected and made available in the Teams admin center for administrative review.\nDoes the change alter how existing customer data is processed, stored, or accessed?| Yes. This change alters how existing customer data is accessed because it surfaces reported calls, messages, and detections to Teams administrators for investigation within the new Protection reports area.\nDoes the change alter how admins can monitor, report on, or demonstrate compliance activities?| Yes. This change adds new monitoring and reporting capabilities by providing a dedicated Protection reports section where admins can view and export user‑reported security submissions.",
  "title": "MC1227625: User reported security signals in Teams admin center",
  "updatedAt": "2026-02-07T01:00:05.000Z"
}