November 26, 2020

Importance of self-service in Microsoft Teams


Microsoft Teams deployment and roll out for a new way of work can sometimes lead to an overwhelming experience if not controlled or governed especially in an organization of many users. The creation of many teams which leads to duplication of information and crazy chat group sprawls does not help promote user adoption. Rather, this type of user behavior jeopardizes effective engagement, taxes administrators, and may put security at stake – hindering overall productivity. This usually has the opposite effect of fostering employee innovation, user engagement, and adoption of the new system

In such a situation, how can organizations prepare to keep this scenario from happening?

A self-service approach in Teams with proper guardrails and IT as a Service approach always provides plenty of benefits. By sharing some controls with the users and providing them the right tools to empower them to provision Teams can drive autonomy and creativity while simplifying the management of the entire Microsoft 365 tenant.  

Signs when you need self-service functionality in Teams

Now, we will explore a few scenarios that highlight the right time to enable self-service:

  • Your Teams environment is a wild wild west with few or no control due to teams sprawl, sites or groups duplication, data redundancy, and loss of information due to noise.
  • You feel the need to train users for creating new teams and processes that take place in the background.
  • Users fail to understand the purpose of Teams or collaborate efficiently using various inbuilt apps and tools, because of which end-results show no improvement.
  • Users exchange sensitive information without appropriate controls in place that leads to serious security issues.
  • Administrators fail to effectively monitor teams because of poor visibility, content discovery, and shared resources tracking.

User self-provisioning strategies

Let’s explore few strategies to extend self-governance capabilities in Teams and to understand its importance in user productivity:

1. Who can create teams?

It largely depends on an organization’s culture – to decide who can create teams, groups, or sites. There are three ways you can use the governance framework for implementing self-service functionality:

  • Firstly, you can disable creation for all users.
  • Secondly, you can allow a specific group of users only to create teams, sites, and groups.
  • Lastly, you can enable creation for all users.

For doing this, you need to have either an Azure AD Premium license or an Azure AD Basic EDU license.

Now, we need to remember that disabling users can prevent them from doing what they want and hence, can cause them to switch to other tools or services resulting in Shadow IT. A better option for this would be to create a trusted group of users who can be granted permissions to create teams, groups, and sites except for administrators. Then, there are times when you should enable all users to create things together in a flexible way. However, a good practice is to provide users with a request form to fill before giving them these capabilities to overcome governance challenges .

2. Providing request forms to users for team or site creation

By automating a team or site request form, you can capture team profile data including team summary and notes. After verification, the team can be approved by the administrator or approver if it matches organizational requirements such as launching a new project, updating a project, commencing a new task, adding a new work scope, etc. You can also create dynamic forms to streamline data gathering under various business scenarios.

3. Managing lifecycle of teams, sites and groups

The idea here is to utilize the collaboration space as long as a team, site or group exists. With a proper governance plan, lifecycle management of teams, sites, and groups can be automated by configuring expiration policies. Doing this can effectively monitor inactive entities and based on their sensitivity, you can decide to archive or delete them after a specified time. This allows for the best use of resources and in this way you can keep a healthy tenant environment and get rid of unproductive content.

4. Naming groups appropriately

When enforcing naming conventions, you let users understand how to differentiate between teams and groups. For example, you could use the naming policy to communicate the function of a group, membership, geographic region, or who created the group. You could also use the naming policy to help categorize groups in the address book. Then, you can use the policy to block specific words from being used in group names and aliases. You can also upload a set of blocked words specific to your organization to be blocked in groups created by users. This forbids duplicate content creation and helps in deriving the most accurate search results.

5. Labeling a group’s sensitivity for classification

You can create sensitivity labels that the users in your organization can set when they create a Microsoft 365 group. You can create classifications that the users in your organization can set when they create an Office 365 group using Azure Active Directory. You can use sensitivity labels to classify teams, sites and groups, maintain the privacy of groups, protect documents and emails, manage external access, and control access from unmanaged devices.

Using a third-party governance tool

To fill Microsoft Teams governance gaps, onboarding a third-party governance tool such as TeamsHub by Cyclotron can be a wise decision. With innovative administrative solutions, TeamsHub by Cyclotron can effectively turn all collaboration clutter into successful Teams management knitting people, processes, and structure together. To brief out, using TeamsHub by Cyclotron you can:

  • Automate Teams governance and eliminate chances of human error
  • Define administrative privileges by adding roles as administrators, owners, and members
  • Activate self-service automation for creation of teams, sites, Yammer groups and more
  • Set rules and policies for the creation process and naming conventions for groups
  • Manage external user access on different levels and grant and revoke permissions on shared files
  • Apply lifecycle policies on teams, sites, and groups for archival and deletion
  • Monitor activities of teams, sites, groups and more to check their performance and progress in real-time


If you disallow your people doing what they want by imposing restrictions, you will never know how your organization reacts to the new technology. Thankfully, by integrating self-service features in Teams, you can tailor a lot of settings to avoid teams sprawl, poor naming structure, etc., and achieve the most out of it by making it more user centric.

For more articles on self-service and automated site provisioning, please visit our blog.

Read more