Forum Discussion

OCA619's avatar
OCA619
Brass Contributor
Sep 11, 2025

Securing Microsoft Teams Best Practice & Cleanup

Working on a Teams environment that is fully wide open. They have seen a huge number of Teams created and are looking to get it under control from here on out and clean up. Wanted some advice on what...
Administrator
best practices
Guest Access
How-to
microsoft teams
Nesha99's avatar
Nesha99
Copper Contributor
Sep 15, 2025

Block Teams Creations-  Correct, you will need to restrict the creation of M365 Groups and create a security group for those allowed to create new teams.

Expire or Archive old Teams- To expire Teams, you can create a M365 group expiration policy in AAD Admin Center.  For Archiving, you can go to Teams Admin Center or archive the team using PowerShell or MS Graph.  

There is also the option to use retention policies by going to MS Purview Compliance portal.  

Governance Example Policy

“All guest accounts must be approved, require MFA, and be reviewed every 90 days. Guest accounts inactive for 90 days will be automatically disabled. Sharing of content must be restricted to authenticated guests only — anonymous links are prohibited.”

Quick Implementation Checklist

  •  Restrict who can invite guests
  •  Require MFA for all guest accounts
  •  Limit external sharing (no “Anyone with the link”)
  •  Classify Teams/sites with sensitivity labels
  •  Set up Access Reviews for recurring guest audits
  •  Enable logging & monitoring of guest activity
OCA619's avatar
OCA619
Brass Contributor
Sep 21, 2025

Would you have any links or documentation on the steps to accomplish these items? Any guidance is appreciated. Thank you.

  • Nesha99's avatar
    Nesha99
    Copper Contributor
    Oct 20, 2025

    Hi OCA619,  Sorry for the delayed response.  You can find information on Teams expiration here: https://learn.microsoft.com/en-us/microsoft-365/solutions/microsoft-365-groups-expiration-policy?view=o365-worldwide

     

Resources