GDPR: eDiscovery / backup for guest access

Contributor

Hi everyone,

 

currently we are facing big problems concerning GDPR and the use of teams.

As long as we only regard data on our domain, there are ways to find and maybe backup data.

 

But what happens, when you are an invited guest user in another company's domain?

The guest account is linked to your AD account, but we see no possibility to search / backup the data stored there. Asking the partner company (or in some cases not so not so partner-like anymore) for access is no solution.

On other platforms like ThinkProject, you can obtain functional backups of the data you were eligible to see, no matter what your project partners opinion is.

 

Our current ideas:

  • file data: offline synchronization as long as it is enabled by the partner company (seldom!)
  • chat / meeting data?
  • team / channel posts?
  • other app data?

 

Any help / advice is appreciated.

2 Replies
Agree that there needs to be improvements in this area! The general idea is that as a guest user you comply with the inviting orgs terms! All data is stored there and belong to them! As a guest you are a “internal user” to that org, even if the authentication happens with their own home organization Azure AD.

Adam
Thank for your answer.
This will cause additional major agreements to ensure / guaranty immediate access for the invited partner in case of dispute. Very difficult - I assume this is a big counter-argument for many companies.