01-20-2019 10:53 AM
01-20-2019 10:53 AM
we are using Teams in O365 with an on premise Exchange.
Now we got the request to hide internal account information to guest users.
I found how to hide specified details of one account here, but we need to hide all details for every guest account.
For now a guest could see the team members name and details like title, phone number, last seen and email.
Except for the Name this shouldn't be visible to guest accounts due to confidentiality reasons.
Is there any way to archive this?
01-20-2019 12:04 PM
No there is not a way to achieve that. If you have that degree of concern then they shouldn;t be guests.
01-20-2019 12:12 PM
Thank you for the information.
Agree with you but the new german General Data Protection Regulation seems to force us so.
01-21-2019 10:20 AMSolution
Teams is simply not designed for such scenario. While we do have some options to "hide" information in Azure AD, none of them applies to Teams. Best you can do is configure GAL segregation, which similar to how it work in Exchange will "hide" user objects as a whole, if you toggle the "Scope directory search in Teams using an Exchange address book policy (ABP)" setting. But this hides the entire object, not just some attribute.
You German folks should really raise this with your local Microsoft representatives. And maybe put it on UserVoice :)
01-21-2019 10:33 AM
Thank you also for the reply,
as we have an on premise Exchange ABP isn't supported so far.
Yes it seems we need to do that, this new policies are a mess over here ;)
01-21-2019 11:36 AM
GDPR applies to the UK just as much as Germany (well for now it does) and I've never seen anyone interpret it in that way. Some amount of personal data is required to allow a company to operate, the fact that some are guests wouldn't normally be a factor.
This content is not being made public and is reasonable usage.
By your logic you would need to be obfuscating names on external emails too ….
01-21-2019 11:48 AM
01-21-2019 11:57 AM
Agree with you, this will bring us to a level which leave us unable to operate.
For now there seems to be a scope how you can interpret it, but the regarding company´s GDPR representative asked for this feature so this was basically the reason for this question.
Also the same information is attached in every mail as signature....
However this shouldn´t be an GDPR discussion and my questions is answered so far,
but if anybody has detailed knowledge about the GDPR feel free to reply :)