This blog article was originally posted on April 22, 2019, by Robert J. Gates
Microsoft Teams is a transformational tool, with that make sure to spend some time thinking about how you should configure various security, compliance, and governance settings across the platform.
For the past several years I have had the opportunity to transform the way I work, communicate, and collaborate within my team and across various groups internally and externally. At first glance, Microsoft Teams may look like a simple chat client but there are many aspects across data, communication, and collaboration capabilities that can produce a fair amount of data.
The data generated within Microsoft Teams can provide a ton of value for an organization but for a legal, security, and compliance aspect it’s important to spend some time making sure you have Microsoft Teams configured to meet your organization’s needs.
To get started I recommend taking a look at the Microsoft Teams Governance Quick Start Guide. It’s a great place to get started in identifying and preparing your Microsoft Teams environment. As you continue your journey in deploying Microsoft Teams you will want to drill down in the various Microsoft Teams Policies focused on the various elements across the platform.
Core elements you should review as part of your Microsoft Teams deployment:
Used to control which chat and channel messaging features are available to users in Microsoft Teams. You can use the default policy that is created automatically or create one or more custom messaging policies for people in your organization.
Used to control the features that are available to meeting participants for meetings that are scheduled by users in your organization.
Control what apps are available to Microsoft Teams users in your organization. You can allow or block all apps or specific apps published by Microsoft, third-parties, and your organization. When you block an app, users are unable to install it from the Teams app store.
Customize Microsoft Teams to highlight the apps that are most important for your users. You choose the apps to pin and set the order that they appear. App setup policies let you showcase apps that users in your organization need, including ones built by third parties or by developers in your organization. You can also use app setup policies to manage how built-in features appear.
Control who in your organization can upload custom apps to Microsoft Teams. Admins decide which users can upload custom apps, and admins and team owners can determine whether specific teams in your organization allow custom apps to be added to them.
Used to enforce a consistent naming strategy for Office 365 groups created by users in your organization. A naming policy can help you and your users identify the function of the group, membership, geographic region, or who created the group. The naming policy can also help categorize groups in the address book. You can use the policy to block specific words from being used in group names and aliases.
Can help remove inactive groups from the system and make things cleaner. When a group expires, all of its associated services (the mailbox, Planner, SharePoint site, etc.) are also deleted.
Allows teams in your organization to collaborate with people outside your organization by granting them access to existing teams and channels on one or more of your tenants. Anyone with a business or consumer email accounts, such as Outlook, Gmail, or others, can participate as a guest in Teams with full access to team chats, meetings, and files.
Provides users from other domains the ability to participate in chats and calls. You can also allow external users who are still using Skype for Business to participate.
Provides a way to search Teams 1:1 or group chats which are journaled through to the respective users’ mailboxes, and all channel messages are journaled through to the group mailbox representing the team. Files uploaded are covered under the eDiscovery functionality for SharePoint Online and OneDrive for Business.
In Microsoft Teams, it supports all the identity models that are available with Office 365.
A process that lets Teams know that users have already entered their credentials (like their work email and password) elsewhere, and they shouldn’t be required to enter them again to start the app.
Allows you to place a user or group on hold where all message will be retained.
Allows you to investigate specific activities across Office 365 services. For Teams, here are some of the activities that are audited.
Provides an ad-hoc way to query Microsoft Teams information spanning Exchange, SharePoint Online, and OneDrive for Business.
Allows admins to configure retention policies (both preservation and deletion) in the Security & Compliance Center for Teams chat and channel messages. This helps organizations either retain data for compliance (namely, preservation policy) for a specific period or get rid of data (namely, deletion policy) if it is considered a liability after a specific period. Teams retention policies ensure that when you delete data, it is removed from all permanent data storage locations on the Teams service.
Based on the geographic region associated with your Office 365 tenant. Currently, Teams supports Australia, Canada, India, Japan, United Kingdom, Americas, APAC, and EMEA regions.