Protecting your information and staying compliant with Microsoft Teams
Published Jan 06 2020 09:10 AM 31.3K Views

Adopting Microsoft Teams in your organization brings the benefits of chat-based collaboration and an integrated hub for your calls, meetings, apps, and content. This is why there are more than 20 million daily active users of Teams.


But it isn’t all about productivity, we want Teams to contribute to your security and compliance requirements and you probably have a lot of questions on how this happens. You may be used to protecting email and files in Microsoft 365 and on your mobile devices, but how should you approach security and compliance as you add Teams to the mix? Did you know, for example, that Teams keeps persistent records of chat conversations by default?


As we enter the new year, we’ll help you answer these top-of-mind questions starting with the latest episode in our Microsoft Teams for IT series on Microsoft Mechanics, dedicated to security and compliance.




Make Microsoft Teams part of your information governance approach


If you’re new to how persistent chat works in Teams, the good news is that you have control over how persistent chat conversations are. Retention thresholds for chat to can be set to time period as short as 24 hours. In fact, there are a multitude of security and compliance controls that you can apply to Teams chat, meetings and calls. For example, you can disable screen sharing for specific users, or with information barriers via PowerShell, you can prevent illicit communications between different segments of users. In regulated sectors such as Finance, where you may be required to prove the right measures are in place to prevent insider trading, this capability can come in handy.


As you protect your files and emails in Microsoft 365, we help you make Teams another endpoint in your overall security and compliance strategy. This allows the policies that you set universally, inherited from services like SharePoint, OneDrive, and Exchange, to apply to Teams and take advantage of capabilities such as Data Loss Prevention, Advanced Threat Protection, organizational search and in-place hold with eDiscovery, or Communication Compliance to monitor and prevent inappropriate behaviors. You can discover Microsoft 365 controls available to you by reviewing the security and compliance scores for your tenants, which recommend controls that could help increase your scores.


Microsoft makes sure the Microsoft Teams service is secure and compliant in regard to data flow. Data within Microsoft data centers is encrypted at rest and in transit. We keep a robust control framework of more than 1,000 controls to meet the requirements of some of the most rigorous industry regulations and continuously review and add controls as new requirements emerge. In fact, you can find 3rd party auditor reports for Microsoft 365 and Teams services in the Service Trust Portal at


These are just some of the top ways we keep you secure and compliant with Teams and in this Microsoft Mechanics episode, I’ll walk you through your options and more details.

You can follow our full playlist at, which starts with an overview of Microsoft Teams for IT Admins, and with upcoming episodes that will cover how to configure security and compliance controls for Teams, upgrading from Skype for Business, and how to scale end-user adoption.


If you are in a government cloud service such as the US Government Community Cloud (GCC), GCC High, or Department of Defense, and don’t see some of these capabilities available yet, rest assured we are working on it, and you can stay updated at


Please give us your feedback on other questions you may have or other topics you’d like us to cover and enjoy the new year!


Version history
Last update:
‎Aug 24 2022 04:38 PM
Updated by: