You risk experiencing fragmentation when using a variety of tools to communicate with your colleagues, share files, and interact with your customers. Microsoft Teams (AKA Teams) enables you to integrate the disparate elements of office communication and collaboration digitally.
The collaborative communications platform incorporates Chat, Conferencing, and Collaboration, making it a three-in-one app. There is built-in storage, integrations with Microsoft, cloud-based hosting, and admin + security controls to support these features. The familiar UI makes it user friendly, so it is little wonder that its user base has grown quickly since its launch in 2017. The apps reach of 13 million active users daily, means that Microsoft Teams has gradually replaced Microsoft Classroom and Skype for Business, thus, demonstrating its use in the business arena.
The importance of staying connected digitally, especially during the epidemic, is vital, and Teams three core features help make this possible.
- Chat – The chat is unlimited on the free and paid Microsoft Teams versions. You can search for conversations making it easier to communicate effectively with colleagues.
- Conferencing– Conduct online meetings with up to 250 participants and hold video calls. Events such as webinars can support up to 10,000 viewers.
- Collaboration– Microsoft Teams integrates seamlessly with over 250 business apps, hosting everything on the cloud, which means minimal infrastructure overheads. In the free version, you receive 1 GB of shared storage and an additional 2GB per user. In the paid version, you receive 1 TB per user.
You can also add up to 500,000 users in Teams Free. The paid version has several additional features, including in-app calendar, meeting scheduling, and smarter collaboration.
Security and governance
To ensure advanced security capabilities, Teams enforces two-factor authentication, and a single sign-on through Active Directory. Data is also encrypted at transit and rest. Storing of files takes place in SharePoint, and they are backed by SharePoint encryption. OneNote stores notes, backing them up by OneNote encryption, and the OneNote data is stored in the Team SharePoint site.
The partnership Teams has with SharePoint, OneNote, and Exchange means you can increase your security by configuring your Microsoft 365 or Office 365. Security features include:
· Advanced Threat Protection (ATP)
You can get Advanced Threat protection (ATP) for Microsoft Teams, in addition to SharePoint and OneDrive, thus, establishing if there is malicious content in these applications.
· Safe Links
The Advanced Threat Protection (ATP) safe links are currently unavailable in Microsoft Teams but are in public preview through the Technology Adoption Program (TAP).
· Safe Attachments
The Safe attachments feature allows you to detect malicious attachments. There are policies to handle suspected malicious attachments so that they are not sent to users.
To ensure compliance, Teams includes information about communication compliance for channels, chats, attachments, retention policies, audit log search, and Data Loss Protection (DLP).
· Information Barriers
Information barriers are policies that restrict individuals’ to only communicate about work purposes.
· Communication compliance
You can monitor Microsoft Teams communications for offensive language, sensitive information, as well as information related to your internal and regulatory standards.
· Retention Policies
The retention policies in Microsoft Teams allows you to retain data that you feel is important and remove irrelevant content. You can also keep your data for a specific period, after which it is deleted.
· Data Loss Prevention (DLP)
Data Loss Prevention (DLP) in Microsoft Teams revolves around business readiness when protecting sensitive data, ensuring your users only share sensitive data with the correct people.
· Electronic Discovery
Electronic discovery, or eDiscovery, is the electronic aspect to identify, collect and produce electronically stored information (ESI).
· Legal Hold
During litigation, data associated with a user or Team must be preserved as evidence for a case. You can do this by placing the Team on legal hold. There is In-Place Hold, where a subset of the mailbox or filtered content is put on hold, and Litigation Hold, where the entire mailbox or site collection is placed on hold.
If end users try to tamper or delete channel messages, the immutable copies of the content are still available through eDiscovery search.
· Compliance Content Search
You can use the content search to search for all Teams data through rich filtering capabilities. You can export this data to a specific container for compliance and litigation support.
· Auditing and Reporting
Audit log enables you to set alerts and report on audit events.
When you create a team in Microsoft Teams, on the backend, you also create an Office 365 Group. In addition to this group, you create the associated SharePoint document library, OneNote notebook, as well as ties into other Office 365 cloud applications. So, you could have over 2,000 SharePoint team sites that you did not know exist.
Your Teams users cannot share files within the app if you do not enable SharePoint Online. If you are using one-on-one chat, you need to enable OneDrive for Business.
If you want to go modern, you have to go flat seeing as subsites cannot be modern. Also, only top-level sites work with Microsoft Teams and Office 365 Groups. All Teams chat rooms come with a modern SharePoint team site, and Teams is flat under your organisation.
You cannot organise your teams in groups seeing as they are listed in the left-hand side of your sidebar – mainly to encourage users to use the tool.
It is important to note that you use Teams for chat, SharePoint for docs, and Office 365 Groups works behind-the-scenes, acting as your Security Groups and leveraging all the tools in the suite.
When examining the Teams admin centre, it is possible to manage the Teams portion of each Office 365 Group, and edit some of the necessary settings. On Teams policies, for example, you can create private channels. However, the majority of settings in your Teams admin centre regard chatting or voice functions.
Team’s workflows are not attached to your Microsoft Teams chat room. Instead, they are attached to an Office 365 Group.
Running new groups accidentally is common when users are getting familiar with Office 365, making IT admins wary of enabling self-service features. Yet, an IT-led provisioning model that forces users to get IT to approve each new group creation request is not only inefficient but also impossible to manage at scale.
To make everyone’s life more comfortable, you can enable self-service alongside the following governance best practices:
· Group creation policy
For Group creation policy, you need Azure AD Premium license or an Azure AD Basic EDU license. Under this policy, you:
- Implement a block on general group creation
- Define a list of users permitted to create groups
- Create a directory setting object and update settings to implement block by restricting creation to the permitted list.
- Clients and integrations access AAD to retrieve directory settings and execute block/allowed list.
· Group naming policy
The naming policy allows you to quickly figure out the function of each Office 365 Group, thus, avoiding duplicates and making the archive process simpler. To set a group naming policy, you can create a distribution group naming policy within Exchange or create a group naming policy at the Azure AD level.
· Identifying inactive groups
To effectively improve usability and keep sensitive company information secure, monitor your inactive groups.
Although Microsoft cannot detect which groups are going underused, you can use a PowerShell script for this purpose. The script checks audit records to examine SharePoint activity in the group document library within the past 90 days with Search-UnifiedAuditLog. It also checks if conversations have taken place in the group mailbox in the last year with Get-MailboxFolderStatistics.
The end HTML report includes:
- Number of groups scanned
- Number of groups potentially obsolete (based on document library activity)
- Number of groups possibly outdated (based on conversation activity)
- Number of Teams-enabled groups
- Percentage of Teams-enabled groups
For security and compliance, you can grant compliance task permission to anyone under the office 365 Security and Compliance Center.
Permissions are based on the Role-Based Access Control (RBAC) permissions model, and you can implement:
- Audit log search – Investigate specific activities across Office 365 services.
- Content search – The Content Search eDiscovery tool allows you to search for in-place items.
- Secret groups – Sensitive groups can be hidden from your Global Address List (GAL) and membership.
- Dynamic groups – Dynamic Office 365 Groups are implemented through queries executed against Azure Active Directory.
To roll out Microsoft Teams effectively, have an operational plan in place. In your strategy, you must:
- Monitor your environment for health and quality- Monitoring and mitigating network health ensure positive user experience, and it reduces calls to your support desk.
- Encourage user adoption – Enlist peer champions to help encourage fellow users, leverage the Teams Customer Success Kit to enhance awareness, and implement a formal adoption and change management strategy to sustain adoption growth.
- Plan for new functionality – Establish a change cycle to ensure you can manage continual collaboration improvements. To achieve this, monitor the Teams roadmap, and implement a change planning to prepare and implement new functionality.