Teams provides a great platform for integrated apps. While building and managing trust takes time, Microsoft offers a shortcut to expedite adoption of Teams apps within enterprises through the Microsoft365 Publisher Attestation and Certification programs.
In this theater session, Bill Bliss, Microsoft Teams Platform Architect, informed about the Microsoft offering to raise visibility and trust in Apps on Teams.
Bill Bliss - THR2130 - Raising Visibility and Trust in Apps for Microsoft 365
Naturally, enterprises have processes to approve new LOB apps. The platform flywheel includes the developers, who are building apps, decision makers who are enabling users with apps and end users who discover apps and start using them. As the following graphics show, there are usually many tasks involved to deploy an app or a solution to the organization´s end users, consuming a lot of time till the app can be used.
The platform flywheel
Often, large enterprises turn apps off or don´t deploy them or they have security and privacy reviews that require weeks. Such processes are often magnified by the number of apps and enterprises which is an inefficient system.
To speed up these processes, Microsoft offers app certification to build trust and to improve transparency and between Teams app developers and Enterprises.
Trust is the foundation of every relationship
Trust must be earned and is the foundation of every relationship, also in business processes and apps. So, Microsoft´s goal is to support organizations implementing trusted apps with the Microsoft 365 Certification Program.
In the Microsoft 365 Publisher Attestation, Microsoft verifies an Office or Teams app with 90+ vectors of security and compliance, checks data handling, consistent format, and is testing the app even beyond Teams such as the compliance with the Office Apps such as Word, Excel, PowerPoint, Outlook and Web APIs. Also, the app is added to the Microsoft´s Cloud App Security Broker service (CASB). This automatically integrates the app in CASB for all customers! Learn more about at Microsoft Cloud App Security here.
The Microsoft 365 certification is a “Pilot for Teams apps”. It includes penetration tests, how the vendor does patching and scanning for vulnerabilities, data handling, if the app works with least privilege design, compliance claim checks, if it complies with industry standards such as SOC2, PCIDSS, ISO27001 and so on. The slide shows a glimpse of the certification process.
App certification (Teams Pilot)
The Microsoft 365 App Certification program offers assurance and confidence to enterprise organizations for Office apps and Teams apps. Applications that pass validation get the Microsoft 365 App Certified labels throughout the Microsoft 365 ecosystem. The program consists of two tiers:
The Publisher Attestation is filled out by the developers of an app that informs detailed about security and compliance, see aka.ms/AppCertificationDevInfo
The Teams admin center shows the certification level as in the following screenshot. For teams, currently about 50 vendors publisher-attested, see the app list here.
Certified apps for Teams
Microsoft is also working on an integration with the Microsoft Partner Center, then partners can fill in app information directly there.
A Teams certified app
Bill delivered a great session informing about the new Microsoft 365 App Certification program. Get informed and start your app certification journey at aka.ms/AppCertificationDevInfo and at aka.ms/AppCertification!
Find out more about Microsoft 365 App Certification program at the following resources: