Governance in Microsoft Teams

Written by Mahak Jain


Microsoft Teams has become the centralised platform for collaboration within Microsoft 365. From meetings, chats, calls and video conferencing to collaboration apps and workflows, users are adopting Teams at a very fast pace. Teams now has over 270 million monthly active users, and Microsoft has seen 600% growth in the Teams platform that is not slowing down.


Rapid adoption brings the need to address Teams governance. Let’s look at what can be done, and which good practices to follow, to stay in control and maintain security across this collaboration platform.


First, what does Teams governance mean? Governance in Teams is how we manage users’ access and data in compliance with business standards while ensuring the security of that data. It is the key to the daily management and usability of Teams. By defining governance policies, we set a way of using Teams that is communicated to users and expected of them. Examples include setting a naming convention, setting criteria for the creation of teams and much more. It is also about ownership and rules around what data can be kept in Teams, external guest access, retention, archiving and deletion. Teams must have lifecycle management, and that is what governance is about.


Now, let’s see what some best practices are for setting up Governance.


1. Determining the Four W’s (Who, Why, When and What)

Who: Deciding whether or not everyone in the business can create a team in Teams is very important. By default, Microsoft gives all users the freedom to create teams. From a governance standpoint, that is not a practical approach. Keep in mind that creating a team in Teams also creates an Office 365 Group and a SharePoint site, and generates an email address.

If everybody gets to create teams and there is no one to manage them, the result is duplicate teams, teams with no purpose and lots of SharePoint sites. So it is important to decide whether everyone gets to create a team or only a restricted group does. If everyone can create a team, make sure you manage those teams after creation so that they meet organisational policies.

Why: This relates to the point discussed above. It is important to know why a particular team has been created, in order to avoid duplication, teams with no purpose and purposeless SharePoint sites.

When: This relates particularly to retention policies and archiving needs. If a team is not going to be functional at the time it is created, its creation can be delayed instead. On the other hand, if a team has been inactive for various reasons, the question of when it was created arises. If it is no longer required, the admins can archive the team and unarchive it if it is needed at some later point.

What: This defines the purpose of creating a team: what is this team for? Can the purpose be served by creating a channel within an existing team, or does it actually need its own team?


2. Naming Convention

A naming convention is equally important when it comes to governance. If no naming convention is set, every user starts expressing their individuality. While that is important to business communication, it can lead to a lot of confusion and untidiness. In small businesses this can still be OK because names are less likely to get re-used, but as the business grows and more departments are added, a team name like accounts could mean any one of the four accounts teams. That then leads to names like accounts123 and accounts456, which are confusing and not ideal.


3. External or Guest Access

Depending on the nature of the business, it might be important to enable secure collaboration with external identities such as partners and vendors. Appropriate tenant controls can limit who is allowed to add guests to teams, and sensitivity labels can limit which teams are open to guests. An additional layer of security can be added by enforcing Multi-Factor Authentication (MFA) for guests.


4. Deletion and Archiving in Teams

There is a difference between deleting and archiving a team.
When a team is archived, the activity in the team is frozen, but administrative changes such as adding or removing members can still be made. An archived team is hidden from the navigation panel of the end user’s Teams application. The team is still visible in the Teams Admin Center and can be unarchived.
Deletion, on the other hand, deletes the SharePoint site, the content (files, chat, etc.) and the activity. These cannot be recovered unless you recover the Microsoft 365 group associated with that team. So it is important to decide which teams should be deleted and which archived.


5. Approved Apps

One of the best use cases of Teams is the integration of other apps into the experience. At a minimum, the technical team deploying Teams should enable the first-party and Microsoft featured apps in the Teams experience. Numerous third-party apps are now available for integration in Teams. Apps like Zoom, Slack, Zapier etc. can interact with Teams. Be sure to vet any third-party apps to ensure they adhere to your organisation’s security and compliance needs.


6. Private Teams vs Public Teams

In Teams there are 3 types of teams: Org-wide, Public and Private. An Org-wide team adds all the users in the organisation to the team. There can be more than one Org-wide team. Public means anyone in the organisation can join the team without an invite or approval. These teams are visible to all users, but users have to join the team themselves; they are not added automatically. Private means the owner of the team must invite or add the members. These teams are not visible to all users in the organisation.
So it’s important to decide from the beginning whether a team needs to be a private, public or org-wide team.


We’ve discussed some of the best practices for governance. Microsoft documents in detail how to implement it and has article guides that help IT pros ask the right questions to determine their governance requirements and how to meet them.