Enable End-to-End Encryption (E2EE) in Microsoft Teams – Admin Center and PowerShell

How to Enable End-to-End Encryption (E2EE) in Microsoft Teams

End-to-End Encryption (E2EE) ensures that calls and meetings in Microsoft Teams are private and secure. Only the participants in the communication can access the content — not even Microsoft can decrypt it. Here’s how administrators can enable E2EE using the Teams Admin Center or PowerShell.

Method 1: Enable E2EE Using Teams Admin Center

Follow these steps to enable E2EE for Teams calls:

  1. Go to Enhanced Encryption Policies
    • Sign in to the Microsoft Teams Admin Center.
    • Navigate to Enhanced encryption policies under Voice > Policies.
    • You can edit the Global (Org-wide default) policy or create a new custom policy.
  2. Update the Encryption Setting
    • Under End-to-End Encryption for Calls, change the setting from
      Not enabledNot enabled, but users can enable.
    • This allows users to manually enable E2EE in their Teams app.
  3. Save Your Changes
    • Click Save to apply the updated policy.

Note: Teams Premium subscribers also get the option to enable E2EE for meetings, not just one-on-one calls.

Method 2: Enable E2EE Using PowerShell

For more control or automation, use PowerShell:

  1. Open PowerShell as Administrator.
  2. Connect to Microsoft Teams: Connect-MicrosoftTeams
    • Run the Encryption Policy Command:
      Replace "Teams Encryption Policy Name" with your actual policy name.
      For the default global policy, use Global (no quotes). Set-CsTeamsEnhancedEncryptionPolicy -Identity "Global" -CallingEndtoEndEncryptionEnabledType DisabledUserOverride
      • DisabledUserOverride: lets users turn on encryption manually.
      • Disabled: blocks users from enabling encryption.

For Teams Premium Users:
You can apply the same command to control meeting encryption, but replace the parameter with:
-MeetingEndToEndEncryption.

End-User Requirements

  • Users must turn on E2EE manually in their Teams client.
  • E2EE works across all supported devices once enabled.
  • Both users in a one-on-one call must have E2EE enabled and an assigned policy that allows encryption.
  • Requires the latest version of the Teams desktop app (Windows or macOS) or mobile app (iOS or Android).

Why E2EE Matters

E2EE adds an extra layer of protection for sensitive conversations. It ensures:

  • No middle party (including Microsoft) can access the communication data.
  • Compliance and privacy standards are met in regulated industries.
  • Calls remain secure even on untrusted networks.
LinkedInCopyPinterestRedditTelegramChatGPTSMS

Related Posts

Powered by
Necessary cookies enable essential site features like secure log-ins and consent preference adjustments. They do not store personal data.
None
Functional cookies support features like content sharing on social media, collecting feedback, and enabling third-party tools.
None
Analytical cookies track visitor interactions, providing insights on metrics like visitor count, bounce rate, and traffic sources.
None
Advertisement cookies deliver personalized ads based on your previous visits and analyze the effectiveness of ad campaigns.
None
Powered by