Forum Discussion
Monitor traffic Teams to outbound Teams site
ChrisWebbTech I don't know of any way to trace access for users from a tenant to Teams in other tenants. The general rule is that compliance data is controlled by the tenant that owns the data. Audit data is kept in the tenant where it is generated. In this case, that data includes audit records for guest users signing into Teams, access documents, and so on. I'm unaware of any audit record captured for outbound access by a tenant user to a resource in another tenant.
But this is surely similar to access to other cloud applications, like someone connecting to their personal Gmail or Dropbox account. Office 365 doesn't gather that data either and no one complains. As to using Teams to transfer data out of a tenant, well, that's like people emailing confidential messages and documents to Gmail or Yahoo! mail, or cutting and pasting information from a document into a personal document. Although you could trace the transmission of email to Gmail or Yahoo! mail, you couldn't say what data is sent.
DLP isn't perfect either, nor is encryption. Users can get around technology if they want to. For example, I can spell out a credit card number in letters (six four one three, etc.) and DLP won't catch that pattern. For this reason, technical blocks exist to catch the most obvious cases of data misuse, but the technology must be backed up with employee training and sanctions (where necessary).
So if I use my domain account wich is under O365 subsribtion to log on to a TEAMS outside of my organisation I can use the Audit log to see what I have shared via my O365 account. Can I apply DLP policies to content leaving my organisation ?
StephaneSmithLowes https://docs.microsoft.com/en-us/microsoft-365/compliance/supervision-policies
Will this help me achieve my goals into supervising communication done from my internal users ?
- No, Supervision is really just for someone to monitor someone actively doing something. When it comes to guests, you really don't have much options because when you login to a guest tenant, it now becomes that tenants responsibility since you have no visibility into the actions that happen there. The only actions you really have on your data is access (view) logs and download logs, but you can't see if someone uploads something elsewhere. The only thing you can really see is if someone is using the account to login to another tenant, that's about it.
ChrisWebbTechI am stunned that Microsoft is unable to track activities going outside my Tenants. This put Teams and Our Compagny at Risk.
Anyone can Data Leak information to his personnel account without anyone knowing about it. This will put a end to the use of TEAMS in organisation.
Is there a way to prevent my Organisation user from Accepting TEAMS chat from outside our Organisation ?
If we are unable to track Communication going outside of our Tenants with our businness account I think it will be the end of this product life even if it's the best collaboration tool. If Data Leak prevention team are unable to track they will not let us use this product.
StephaneSmithLowes You can turn off the external federation & Guest access for your Tenant. Simply turning Teams on does not help any org. The teams governance is critical for any teams successful implementations.
You have to make these decisions before you enable teams for everyone.
* External sharing
* Teams creation
* private channels
* live events
* recording
* DLP and actions
* App lockers and Windows information protection to prevent documents access outside of your organization
feel free to reach out to me if you need any help....
