Governance and Compliance with Microsoft Teams

Teams Governance and Compliance

Microsoft Teams needs no introduction. From a multifunctional communication platform to an essential hub for today’s modern workplace, Teams has added a lot of value to organizations looking for effective, secure and fast collaboration specially during the past months with the increase of the remote work.

In order to allow users within your organization to access all the Teams features while having mechanisms for keeping risks in check, you need to roll out a governance and compliance plan. Governance in the context of Microsoft Teams is about IT and business controls, and empowerment of users to get the maximum value from Teams.

Microsoft suggests making the following decisions in order to be able to secure and make your teams environment manageable:

  • Who can create Teams?
  • Teams naming conventions
  • Guest access
  • Approved apps
  • Are meetings included?
  • Data security

Guest Access

Teams allows users to interact with external and guest users. Also, guest access allows teams in your organization to collaborate with people outside your organization by granting them access to existing teams and channels.

By default, external access is fully enabled in Teams tenant wide.

Who Can Create Teams?

When a user creates a Team in Microsoft Teams, an Office 365 Group is also created. This Office 365 Group, by default, creates an Outlook distribution list, a SharePoint Site Collection, a shared Calendar, Planner, and OneNote notebook for the group members. With so many interconnected elements, things can quickly become a virtual “Wild West”.

The ability to create collaboration spaces should only be afforded to certain people, which may include:

  • Your IT department, which can approve the functions available to each subset of users.
  • Business owners, who have ultimate responsibility for your company’s data security.

Who can create Teams

Teams Naming Conventions

A naming policy can help you and your users identify the function of the group, membership, geographic region, or who created the group. You can use the policy to block specific words from being used in group names and aliases. It may feel overly restrictive to control how users name individual Groups and Teams but think back to those employees who struggle to find a document. The same scenario happens when users cannot find the Group or Team they need.

Data Retention

For most organizations, the volume and complexity of their data is increasing in a daily basis—email, documents, instant messages, and more. Effectively managing or governing that information is important, and a retention policy can help you achieve all of these goals.

Managing content commonly requires two actions:

  • Retaining content so that it can’t be permanently deleted before the end of the retention period.
  • Deleting content permanently at the end of the retention period.

Teams Data Retention

Legal or Litigation Hold

A legal hold (also known as a litigation hold) is a notification sent from an organization’s legal team to employees instructing them not to delete electronically stored information. Within Microsoft Teams, an entire team or select users can be put on hold or legal hold. By Doing that, all messages that were exchanged in those teams (including private channels) or messages exchanged by those individuals are discoverable by the organization’s compliance managers or Teams Admins.

Learn More

In conclusion, with all the tools provided by Office 365, the implementation of security and governance controls is the winning move in facilitating a successful, scalable adoption and governance strategy. For more information you can check out Plan for governance in Teams here, or if you’d like to learn more about Security and compliance on teams click here.

Your governance plan will only be effective if everyone within your organization understands their roles, responsibilities, and how to use Microsoft Teams. That is why we want to invite you to watch  VNEXT on-demand webinars and join our coming virtual session next October 14 for you to ask questions, connect with our specialists and learn more about “Teams Callings and Meetings”.