1257554046.8dd5717.e4d134cceca2417f9c800d335532960a

Microsoft Teams – Don’t just turn it on, spend time planning.

Microsoft Teams is a transformational tool, with that make sure to spend some time thinking about how you should configure various security, compliance, and governance settings across the platform.

For the past several years I have had the opportunity to transform the way I work, communicate, and collaborate within my team and across various groups internally and externally. At first glance Microsoft Teams may look like a simple chat client but there are many aspects across data, communication, and collaboration capabilities that can produce a fair amount of data.

The data generated within Microsoft Teams can provide a ton of value for an organization but for a legal, security, and compliance aspect it’s important to spend some time making sure you have Microsoft Teams configured to meet your organizations needs.

To get started I recommend taking a look at the Microsoft Teams Governance Quick Start guide -> https://docs.microsoft.com/en-us/microsoftteams/teams-adoption-governance-quick-start it’s a great place to get started in identifying and preparing your Microsoft Teams environment. As you continue on your journey in deploying Microsoft Teams you will want to drill down in the various Microsoft Teams Policies focused on the various elements across the platform. Below are the core elements you should review as part of your deployment.

Messaging policies are used to control which chat and channel messaging features are available to users in Microsoft Teams. You can use the default policy that is created automatically or create one or more custom messaging policies for people in your organization.
https://docs.microsoft.com/en-us/MicrosoftTeams/messaging-policies-in-teams

Meeting policies are used to control the features that are available to meeting participants for meetings that are scheduled by users in your organization. 
https://docs.microsoft.com/en-us/MicrosoftTeams/meeting-policies-in-teams

App permission policies control what apps are available to Microsoft Teams users in your organization. You can allow or block all apps or specific apps published by Microsoft, third-parties, and your organization. When you block an app, users are unable to install it from the Teams app store.
https://docs.microsoft.com/en-us/MicrosoftTeams/teams-app-permission-policies

App setup policies customize Microsoft Teams to highlight the apps that are most important for your users. You choose the apps to pin and set the order that they appear. App setup policies let you showcase apps that users in your organization need, including ones built by third parties or by developers in your organization. You can also use app setup policies to manage how built-in features appear.
https://docs.microsoft.com/en-us/MicrosoftTeams/teams-app-setup-policies

Custom app policies and settings control who in your organization can upload custom apps to Microsoft Teams. Admins decide which users can upload custom apps, and admins and team owners can determine whether specific teams in your organization allow custom apps to be added to them.
https://docs.microsoft.com/en-us/MicrosoftTeams/teams-custom-app-policies-and-settings

Group naming policy is used to enforce a consistent naming strategy for Office 365 groups created by users in your organization. A naming policy can help you and your users identify the function of the group, membership, geographic region, or who created the group. The naming policy can also help categorize groups in the address book. You can use the policy to block specific words from being used in group names and aliases.
https://docs.microsoft.com/en-us/office365/admin/create-groups/groups-naming-policy

Expiration policies can help remove inactive groups from the system and make things cleaner. When a group expires, all of its associated services (the mailbox, Planner, SharePoint site, etc.) are also deleted.
https://docs.microsoft.com/en-us/office365/admin/create-groups/office-365-groups-expiration-policy

Guest access allows teams in your organization to collaborate with people outside your organization by granting them access to existing teams and channels on one or more of your tenants. Anyone with a business or consumer email account, such as Outlook, Gmail, or others, can participate as a guest in Teams with full access to team chats, meetings, and files.
https://docs.microsoft.com/en-us/MicrosoftTeams/guest-access

External access provide users from other domains the ability to participate in chats and calls. You can also allow external users who are still using Skype for Business to participate.
https://docs.microsoft.com/en-us/MicrosoftTeams/manage-external-access

eDiscovery in Microsoft Teams provides a way to search Teams 1:1 or group chats which are journaled through to the respective users’ mailboxes, and all channel messages are journaled through to the group mailbox representing the team. Files uploaded are covered under the eDiscovery functionality for SharePoint Online and OneDrive for Business.
https://docs.microsoft.com/en-us/MicrosoftTeams/ediscovery-investigation

Identity models and authentication in Teams Microsoft Teams support all the identity models that are available with Office 365.
https://docs.microsoft.com/en-us/MicrosoftTeams/identify-models-authentication

Modern authentication is a process that lets Teams know that users have already entered their credentials (like their work email and password) elsewhere, and they shouldn’t be required to enter them again to start the app.
https://docs.microsoft.com/en-us/MicrosoftTeams/sign-in-teams

Legal Hold in Microsoft Teams allows you to place a user or group on hold where all message will be retained.  – https://docs.microsoft.com/en-us/MicrosoftTeams/legal-hold

Search Audit log in Microsoft Teams allows you to investigate specific activities across Office 365 services. For Teams, here are some of the activities that are audited. https://docs.microsoft.com/en-us/MicrosoftTeams/audit-log-events

Content Search in Microsoft Teams provides an ad-hoc way to query Microsoft Teams information spanning Exchange, SharePoint Online, and OneDrive for Business.
https://docs.microsoft.com/en-us/MicrosoftTeams/content-search

Retention Policies in Microsoft Teams allow admins to configure retention policies (both preservation and deletion) in the Security & Compliance Center for Teams chat and channel messages. This helps organizations either retain data for compliance (namely, preservation policy) for a specific period or get rid of data (namely, deletion policy) if it is considered a liability after a specific period. Teams retention policies ensure that when you delete data, it is removed from all permanent data storage locations on the Teams service.
https://docs.microsoft.com/en-us/MicrosoftTeams/retention-policies

Location of data in Microsoft Teams is based on the geographic region associated with your Office 365 tenant. Currently, Teams supports the Australia, Canada, India, Japan, United Kingdom, Americas, APAC, and EMEA regions.
https://docs.microsoft.com/en-us/MicrosoftTeams/location-of-data-in-teams