Body
On April 18, 2025, Pitt Information Technology implemented an important change to improve the security and safety of both Microsoft Teams and Azure at the University. All Azure and Teams users are required to request a Vendor Security Risk Assessment to add new, unvetted apps and plugins to the University's environment.
Pitt IT Security will conduct a review to determine if the app/plugin presents security, privacy, or compliance risks to the University. Pitt IT Security will also be contacting users of current apps/plugins to ensure they meet our security standards. Only those apps/plugins that pass a review will be permitted for use.
With over 2,900 Azure apps and a growing number of Teams plugins, maintaining safe and reliable systems is crucial. This change helps limit University data exposure, reduce risk, and uphold the existing Vendor Security Risk Assessment Operating Standard, protecting our systems from unapproved third parties.
To request an Azure App or Teams Plugin assessment, please request an assessment here.
Related Operating Standards: