May 23, 2022 Governance practices for MS Teams Introduction A remote workplace that uses Microsoft Teams as collaboration tool cannot deliver uninterrupted productivity without governance. Governance ensures controlled Teams infrastructure, data protection and a risk-free environment for flexible teams for enhanced collaboration. So, before an organization plans to deploy MS Teams, here are a few important governance considerations for increasing Teams adoption while facilitating an organized teamwork. Access to MS Teams Corporate data in M365 is accessible by employees remotely from various geographical locations through multiple devices using Teams. Hence, content can easily be copied via M365 apps – Teams, Outlook, OneDrive, and SharePoint to a personal device like home PC, tablet, mobile, etc. In such a case, organizations can use conditional access policies to tighten security around sensitive data and restrict access to unmanaged user devices. Further, organizations can also decide to apply multi-factor authentication (MFA) during user sign in for additional security. Team creation and management Teams architecture allows creation of Microsoft 365 group, SharePoint, OneNote, and other workspaces simultaneously. Without governance, employees may create too many workspaces. Hence, an unprecedented growth in teams causes sprawl because of overlapping of those workspaces. Consequently, finding relevant content gets difficult which further impedes productivity and raises security issues. Also, teams should not exist indefinitely. In large-sized organizations, a Teams environment commonly gets flooded with redundant teams, teams without a purpose, ownerless teams and teams that are idle for a long time. This causes consumption of resources unnecessarily and spurs management challenges. An ideal way to combat this problem is to archive or dispose teams once they have served their purpose. To do this, it is important to define Teams landscape by using governance features such as expiration policies and activity-based group expiration during deployment phase. Also, team creation can be restricted to a specific group of users to control proliferation. However, it must be still kept in mind that restricting employees to explore platform and use it freely may decline adoption and not deliver expected results. To strike the right balance between security and productivity, it is better to automate lifecycle management of teams right from their creation to disposal. This includes enforcement of policies for teams nomenclature, setting up of request-approval form for team creation, scheduling notifications for team’s inactivity and automating archival or deletion process after a specified time, etc. This helps optimizing resources, and promotes better visibility and monitoring of Teams ecosystem. “Automation enables effortless administration by mechanizing replicable tasks and gives a sense to employees that platform is in control so that they can create and innovate fearlessly. While you can design an in-house project to automate Teams platform, this can be easily achieved by using a third-party governance software such as TeamsHub.io.“ Teams security, data governance & experience MS Teams provides a comprehensive set of policies for applying org-wide security and controls. For example, external collaboration settings can be configured to prevent overexposure of content to guest users. Next, content sharing controls can be activated during Teams meetings to facilitate remote collaboration while keeping private or confidential elements to yourself. For example, you can show just one window and no notifications or other desktop activity when sharing your window. For secure access and sharing of data, you can enforce two-factor authentication, single sign-on through Active Directory and encryption of data in transit and in rest. Then, apps connected with MS Teams such as SharePoint and OneNote are backed by encryption too. Here, you can configure additional governance policies for to ensure only trusted information is stored. Moreover, using Microsoft 365 retention policies and labels, you can retain content such as chats, messages, files, emails, etc., for a specified period. You can also define rules to delete a content automatically after the retention period is over. Then, integrating retention policies with M365 data protection and recovery tools, you can keep the data as backup and avoid accidental deletions. So far we have observed that MS Teams demands a meticulous administration and management. Hence, to elevate user experience and smooth governance, you can automate security settings such as external access, file sharing and back up and recovery using TeamsHub.io. TeamsHub.io offers an established system to manage external access and resolves the complexity of navigation by joining disparate pieces of settings in a unified interface. Further, you can even monitor files exchanged with users outside of organization effectively and revoke the access whenever required. TeamsHub.io also provides a robust backup and recovery capability to overcome unexpected data loss against basic protection features offered by Microsoft which can easily fall through cracks. To know more about TeamsHub.io, please visit https://teamshub.io or contact sales@cyclotrongroup.com to request a demo