Sensitivity labels for Teams meetings

Sensitivity labels in Microsoft Purview historically applied to files and emails. Microsoft has progressively extended them to Microsoft Teams meetings, letting organisations apply consistent protection to confidential conversations — and to the recordings, transcripts, and chats that come with them.

What sensitivity labels can enforce in meetings

When a label is applied to a meeting (either at scheduling time or auto-applied based on content), it can control:

Lobby behaviour — who can bypass the lobby, who must wait.
Anonymous join — allowed or blocked.
Phone dial-in — allowed or blocked.
Recording — disabled, enabled with watermark, end-to-end encryption.
Transcription — disabled, enabled.
Chat — disabled, restricted to participants, allowed.
Copy/paste of meeting links — restricted.
Watermarking of shared content and video (Teams Premium feature).
End-to-end encryption for the meeting media (Teams Premium).
Allowed participants — restricted to specific groups or people only.

The label drives a single coherent set of protections, configured once and applied consistently.

Why this matters

For confidential meetings — board discussions, M&A conversations, security incident response, customer-data reviews — these controls used to be ad-hoc:

Each organiser remembered to disable recording manually.
Each organiser configured the lobby manually.
Inconsistency meant occasional accidental leaks (the meeting that was recorded when it shouldn't have been).

With sensitivity labels, the organiser picks the label — "Confidential — Executive" — and the right protections apply. Consistent, audited, harder to mess up.

Configuration

In Purview, sensitivity labels can be scoped to Teams meetings:

Create or edit a sensitivity label.
Under scope, enable Teams meetings.
Configure meeting protections — lobby, recording, chat, watermarking, end-to-end encryption, allowed-participants.
Publish the label to relevant users / groups.

Users see the label in the Teams meeting scheduling UI; picking it applies the protections automatically.

Auto-application

Labels can be auto-applied based on:

Meeting subject matching specific patterns.
Participants (executives, specific groups).
Content classification (more limited for meetings than for files).

Auto-application catches the user-forgot-to-apply scenarios.

Audit

Every label application, change, and meeting event is logged in Purview audit — useful for forensic investigations and compliance evidence.

Operational considerations

Teams Premium is required for the most advanced protections — watermarks, end-to-end encryption for scheduled meetings, advanced lobby controls.
User experience — labelled meetings show their label in the meeting UI. Communicate to users what each label means and when to use it.
External participants — invited externals from other Microsoft 365 tenants honour the meeting protections (within their client's capabilities); external users from non-Microsoft systems may have a degraded experience.
Recording storage — recordings of labelled meetings inherit appropriate sensitivity labels on the underlying file, so retention and access controls follow.

Common patterns

Confidential — All Hands — recorded yes (for replay), anonymous no, watermarking yes.
Confidential — Executive — recording no, lobby strict, end-to-end encrypted, named participants only.
Confidential — Legal Privilege — extra-strict; named participants only, no recording, no transcription, no external join.

When this is the right tool

For organisations regularly running meetings about confidential matters — boards, executive committees, legal teams, security incident responders — sensitivity labels for meetings dramatically simplify the consistent application of protections. The setup time is small; the ongoing operational benefit is substantial.

For organisations running mostly low-sensitivity meetings, the default Teams meeting policies are usually enough.