cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 
Protecting your information and staying compliant with Microsoft Teams
By
Nydia Cavazos
Published Jan 06 2020 09:10 AM 31K Views
Nydia Cavazos
Microsoft
‎Jan 06 2020 09:10 AM

Protecting your information and staying compliant with Microsoft Teams

‎Jan 06 2020 09:10 AM

Adopting Microsoft Teams in your organization brings the benefits of chat-based collaboration and an integrated hub for your calls, meetings, apps, and content. This is why there are more than 20 million daily active users of Teams.

 

But it isn’t all about productivity, we want Teams to contribute to your security and compliance requirements and you probably have a lot of questions on how this happens. You may be used to protecting email and files in Microsoft 365 and on your mobile devices, but how should you approach security and compliance as you add Teams to the mix? Did you know, for example, that Teams keeps persistent records of chat conversations by default?

 

As we enter the new year, we’ll help you answer these top-of-mind questions starting with the latest episode in our Microsoft Teams for IT series on Microsoft Mechanics, dedicated to security and compliance.

 

 

 

Make Microsoft Teams part of your information governance approach

 

If you’re new to how persistent chat works in Teams, the good news is that you have control over how persistent chat conversations are. Retention thresholds for chat to can be set to time period as short as 24 hours. In fact, there are a multitude of security and compliance controls that you can apply to Teams chat, meetings and calls. For example, you can disable screen sharing for specific users, or with information barriers via PowerShell, you can prevent illicit communications between different segments of users. In regulated sectors such as Finance, where you may be required to prove the right measures are in place to prevent insider trading, this capability can come in handy.

 

As you protect your files and emails in Microsoft 365, we help you make Teams another endpoint in your overall security and compliance strategy. This allows the policies that you set universally, inherited from services like SharePoint, OneDrive, and Exchange, to apply to Teams and take advantage of capabilities such as Data Loss Prevention, Advanced Threat Protection, organizational search and in-place hold with eDiscovery, or Communication Compliance to monitor and prevent inappropriate behaviors. You can discover Microsoft 365 controls available to you by reviewing the security and compliance scores for your tenants, which recommend controls that could help increase your scores.

 

Microsoft makes sure the Microsoft Teams service is secure and compliant in regard to data flow. Data within Microsoft data centers is encrypted at rest and in transit. We keep a robust control framework of more than 1,000 controls to meet the requirements of some of the most rigorous industry regulations and continuously review and add controls as new requirements emerge. In fact, you can find 3rd party auditor reports for Microsoft 365 and Teams services in the Service Trust Portal at aka.ms/STP.

 

These are just some of the top ways we keep you secure and compliant with Teams and in this Microsoft Mechanics episode, I’ll walk you through your options and more details.

You can follow our full playlist at aka.ms/MicrosoftTeamsforIT, which starts with an overview of Microsoft Teams for IT Admins, and with upcoming episodes that will cover how to configure security and compliance controls for Teams, upgrading from Skype for Business, and how to scale end-user adoption.

 

If you are in a government cloud service such as the US Government Community Cloud (GCC), GCC High, or Department of Defense, and don’t see some of these capabilities available yet, rest assured we are working on it, and you can stay updated at aka.ms/TeamsGovRoadmap.

 

Please give us your feedback on other questions you may have or other topics you’d like us to cover and enjoy the new year!

Nydia

14 Comments
Ben Donaldson
Iron Contributor
‎Jan 12 2020 11:33 PM
‎Jan 12 2020 11:33 PM

Some great high level conversation starters in there for the greener Teams customers - thanks.

Sean Ellis
Steel Contributor
‎Jan 15 2020 08:36 AM
‎Jan 15 2020 08:36 AM
A useful addition to the UI would be to allow users to easily mark sensitive channels using identifiable colors. For example, I might choose a bright red highlight color to indicate any channel which might include people outside our organization, or a green color to indicate private channels. It is then less likely that I will inadvertently share something. As it is, all channels are visually identical. However, this has been requested on UserVoice and despite being pretty popular, it was turned down. I note that pretty much every other request for meaningful customization of the UI has also been either ignored or turned down, for example options to choose text size, font, pinning channels to the side bar, better use of screen space, notification sounds, per-channel notification options, control animations, control emojis... and so on.
Nydia Cavazos
Microsoft
‎Jan 15 2020 10:53 AM
‎Jan 15 2020 10:53 AM

Hi @Sean Ellis ! Thank you for the feedback =). I agree that changes in the UI, specifically the change you're proposing, would further help manage risk. I hear that you're somewhat disappointed on this UserVoice item not being prioritized yet. To decide what features to build, votes, impact to end-user, change management, capacity, and many other factors are considered. So far we have focused on delivering more robust features for meetings and accessibility (e.g. live captions or private channels), considering that SharePoint already does quite a good helping users manage risk, and under the assumption that if Guests are allowed and added to Teams, they should have access to the information being shared (otherwise why add them?). If this continues to be important, keep the votes up, we keep monitoring it. Also, be sure to raise this ask to your Microsoft Account team if this is blocking your deployment.

 

Thank you for sharing your thoughts with me =)!

Nydia

Sean Ellis
Steel Contributor
‎Jan 16 2020 01:57 AM
‎Jan 16 2020 01:57 AM
UserVoice at the moment seems to be a place into which to divert criticism, not to have it acted on. It's where we can be sent to complain about issues among ourselves and where nothing ever happens. I can't vote multiple times for the same thing, so how can I raise the profile of an item I've already voted on? The only way to do this is to raise the problem in other forums, which is why I am here. A serious problem is that we feel like we're not just being ignored, but that we are being actively lied to about the status of enhancements, in order to try to stop us changing to other applications. Here's my #1 example: compact mode for chat. This was raised late in 2016 (!) and immediately attracted a large number of votes. For most of the next 3 years it was the #3 issue and the #1 UI issue (it has recently been overtaken by multi-window mode.) It was marked as "Working on it" on 9 February 2017. More feedback was asked for. We told you what we wanted (more chat visible in a much smaller window), and were told "We are working on changes that will be made in the coming weeks" - in June 2017. In March 2018, 9 months later, we were given an update saying that you had implemented something which reduced the amount of visible chat on screen - the precise opposite of what was asked for. In December 2018, it was demoted to "Planned". In March 2019, a full year on, we were then asked for more feedback. We still wanted something which showed more chat in a small window. In July, you were still working on "defining the experience". None of this requires new features - it's just tweaking parameters of the CSS that sets the layout of the embedded HTML page. People (including me) prototyped this with style managers in the web client and shared our results. We achieved more in a lunchtime than had been achieved by the actual developers in literally years. You said you had designs. We asked to see them. Nothing. We told you what we wanted. You said you were working on it, then waited a year and asked the same questions again. The same thing happens for any user customisation options. It's obvious that no work has actually been done on this, and that there is zero intention of actually doing it at all. So why lie to us repeatedly about progress?
Robin St.Clair
Copper Contributor
‎Jan 19 2020 03:10 AM
‎Jan 19 2020 03:10 AM

One definitely needs to be able to immediately identify conversations which go

  • out of the immediate group
  • out of the organisation hierarchy (but still in associated organisations)
  • out into the wild

Colour coding would be a simple way of achieving this.

 

0 Likes
Like
Sean Ellis
Steel Contributor
‎Jan 20 2020 08:25 AM
‎Jan 20 2020 08:25 AM
"the assumption that if Guests are allowed and added to Teams, they should have access to the information being shared (otherwise why add them?)" That assumption only works if all guests are allowed equal access to the information in all channels. Without a distinct visual cue, it is easy to enter information into the wrong channel. How many times have you seen someone post a message, then say "Oops, wrong channel" and retract it? I see this a lot. (For the canonical example, ask UK politician Ed Balls.) The ability to make each channel distinct would not completely eliminate this problem, but it would certainly be a help. It's also likely to help rapid identification of channels, rapid identification of important notifications (if the highlight color is used in the notification pop-up), and I bet there are a dozen other useful ways to use it that I haven't thought of at all. This is, as I said above, a symptom of a wider problem - that despite the wide diversity of the hundreds of thousands of users of Teams, there is One True Way to use it, and Microsoft knows better than the user herself what that is: One True Color Scheme, One True Font Size, One True Font, One True Layout, One True Minimum Window Size, One True Notification Sound, One True Sidebar... and so on.
0 Likes
Like
AlexMags
Copper Contributor
‎Jan 22 2020 05:24 AM
‎Jan 22 2020 05:24 AM

When we join meetings that are being recorded there is a notification banner and link to privacy statement.  When we start instant messaging with customers/suppliers and retention policies are in place to record the chat conversation, then there is no notification. 

GDPR - Art. 13(1) If we're chatting with someone and they give us information about themselves we need to provide that person with a Privacy Notice “at the time when the personal data are obtained”. If Teams could signal the other side that chat is being retained that would be ideal (like recorded meetings do).

willie19691123
Copper Contributor
‎Feb 17 2020 06:55 AM
‎Feb 17 2020 06:55 AM

Hello, great work and care about data protection and security. I just like to ask 2 things:

1. How much is the data storage capacity limitation (i.e., xGB or xTB) of Teams or is there none? This is a question/concern of our company.

2. If after some period of usage and when there are so many files stored already in the Teams, is there any possibility that Teams performance/speed will slow down or not?

 

Thank you!

adam deltinger
MVP
‎Feb 17 2020 07:04 AM
‎Feb 17 2020 07:04 AM

The limit per site collection is 25 TB

each library can hold 30 million files but many are reporting issues when more than 5000 items is shown. You can create views or folders Ecetera to get around..

 

https://docs.microsoft.com/en-us/office365/servicedescriptions/sharepoint-online-service-description...

 

willie19691123
Copper Contributor
‎Feb 17 2020 07:55 AM
‎Feb 17 2020 07:55 AM

Thanks Adam!

May I ask 1 more question?

Is there any max. retention time or period for Teams such that data will be deleted after such time/period, or there is none?

Great day to you,

Willie

0 Likes
Like
Nydia Cavazos
Microsoft
‎Feb 18 2020 12:53 PM
‎Feb 18 2020 12:53 PM

@AlexMags : Hi and thank you for the suggestion, i think it's a valid ask. I looked through our Teams UserVoice and didn't find this specific request, but I found a similar one. Sharing in case you want to add your or vote. I know this alternative doesn't solve your problem from the root, but most support centers that use either phone, chat, or bots for support provide a default message stating that the conversation is being recorded for X purposes. 

 

@willie19691123: In addition to what Adam jus shared, you could also check our docs for question #1. For retention policies, as explained in our documentation: by default, Teams chat, channel, and files data are retained forever. As an admin, you can set up Teams retention policies for chat and channel messages and decide proactively whether to retain the data, delete it, or retain it for a specific period of time and then delete it.

 

willie19691123
Copper Contributor
‎Feb 18 2020 02:26 PM
‎Feb 18 2020 02:26 PM

Thanks Nydia!

0 Likes
Like
willie19691123
Copper Contributor
‎Feb 22 2020 06:29 PM
‎Feb 22 2020 06:29 PM

Hi Nydia, Aya, everyone,

May I a few questions pls...

1) Our company is trying to decide which one to use between SharePoint and Teams as platform to store project documents and knowledge management documents (technical) because one group favors SharePoint while the other favors Teams.  All these documents should be protected from leaking outside of our company.  Because we have experience that some company documents could be Google searched and downloaded.  Though we understand there is no 100% fool-proof system to prevent this really.  My understanding is that everytime we create a channel in Teams, automatically it creates a SharePoint site where the documents in Files tab are stored. If you could advise us which platform we should use, SharePoint or Teams, considering the long term storage with continuous update (i.e., addition/deletion of revised/superseded documents in the future), we would really appreciate it. Can we consider that the Teams security level is the same as that of SharePoint?  Or SharePoint is more secure right now?

2) In the Teams channel, I wonder whether in the future it's possible to create sub-channels?  Because for example in our company we do projects, but in a project, there are several scopes which are handled by different people for each scope. Example, Project A, we want to create a channel for it, and then, we would like to create sub-channels, say scope 1, scope 2, scope 3, etc....Scope 1 is handled by Persons A, B, C, D, while Scope 2 is handled by Persons E, F, G.  And so on.  So persons in scope 1 don't need to collaborate/communicate with scope 2 persons.

Thanks once again!

0 Likes
Like
Robin St.Clair
Copper Contributor
‎Feb 23 2020 02:07 AM
‎Feb 23 2020 02:07 AM

Willie

I am dealing with issues relating to secure communication/messaging and document/db/application access within groups/organisations and also, under controlled circumstances, externally. I find both Sharepoint and Teams too immature at their present stage of development. However, another MS tool, Kaizala, is in the process of being folded into Teams. This has some features which appear to have great potential. It sometimes feels that Kaizala was developed beneath Redmond's radar and it took a long time to be taken seriously within MS as a whole.

And now the AI folk want access to raw data - its an ongoing problem :cool::lol:

Co-Authors
Version history
Last update:
‎Aug 24 2022 04:38 PM
Updated by: