Managing Teams with Policies
When Microsoft launched Teams in November 2016, the tenant-wide settings to control the application were in the Office 365 Admin Center. With the introduction of the Teams and Skype for Business Online Admin Center in April 2018 (now renamed the Teams Admin Center), some of those settings are replaced by a set of policies (messaging, meeting, and live events)
The major advantage of this approach is that you can apply different policies to different users instead of a single setting for the entire tenant. Where it makes sense to have global settings, like those governing guest user access, the Teams Admin Center manages these under org-wide settings. Continue reading
Teams is a nice place to discuss the issues of the day, but what happens if someone abuses the platform and sends some abusive or otherwise objectionable messages?
The simple answer is that team owners should keep an eye on discussions and remove anything that shouldn’t be there. That’s OK if team owners are omnipresent and have the time and energy to check every channel in every team they own. Not every owner does so.
New Console, New Module
Given that the Teams and Skype for Business Online Admin Center recently introduced support for team management, it is unsurprising that Microsoft has refreshed the Teams PowerShell module. You can now download version 0.9.5 from the PowerShell Gallery).
In terms of the administrative control over Teams, the module has improved steadily from the first release and is now capable of handling most of the administrative operations available in the Teams and Skype for Business Online Admin Center. Cmdlets are available to create teams (including a team for an existing Office 365 group), list all teams in the tenant, update settings for teams, and create new channels. Because the module is still evolving, some change is inevitable before the final release. Even with this warning, you can depend on the current release for production use. Continue reading
In a surprise move because we expect Microsoft to keep all announcements until the Ignite conference rolls around next week, Microsoft released four new administrative roles to help Office 365 tenants to manage Teams more effectively, especially when the complexity of the Teams infrastructure for video and audio meetings and calling scales up.
Four New Roles
This move is to help organizations move from Skype for Business Online to Teams. Office 365 tenant administrators already have the necessary rights to manage Teams through the Teams and Skype for Business Admin Center or PowerShell. In small tenants, it’s likely that the tenant administrator will manage Teams along with all the other workloads. However, if you run a larger tenant, you can assign the new administrative roles to users to allow them to perform specific management actions for Teams. The new roles are: Continue reading
Earlier this month, Microsoft disclosed that Teams now boasts an official solution for archiving.
To archive a team, click Teams in the navigation bar in the desktop or browser client to expose the list of teams, then the Manage cogwheel icon under the list of teams. You see a list of teams that you belong to, divided into active teams and archived teams. You can only archive a team when you are an owner of that team. The choice to Archive team is in the ellipsis menu for the team. Continue reading
Capturing Compliance Data Since January
Neatly aligned with the need for better compliance mandated by GDPR, Microsoft announced on June 1 that they have been collecting compliance records for messages sent by on-premises users in personal chats since January 31, 2018. Microsoft says that they are working to create compliance records for chats before this date but cannot commit to when this data might be available. Continue reading
Microsoft’s original vision for Office 365 Groups emphasized openness. Anyone could create a group and all groups were public. The aim was to foster collaboration and make sure that anyone could join in any group discussion as they liked.
Time passes by and software matures in the fierce heat of customer opinion. The original dedication to openness is less than it was. A group creation policy allows tenants to restrict the creation of new groups to a limit set of users. Teams hides groups that it creates from Exchange clients to avoid the chance of confusing users and Yammer-originated groups are invisible anywhere outside Yammer.
And now, Microsoft has decided to change the default access type for a group from public to private to satisfy the third-highest rated request for Groups on Uservoice, the place where customers voice their opinion about changes they’d like Microsoft to make.
Microsoft Teams is built on the Office 365 hyper-scale, enterprise-grade cloud, delivering the advanced security and compliance capabilities our customers expect.
Teams is Tier C-compliant at launch. This includes the following standards: ISO 27001, ISO 27018, SSAE16 SOC 1 and SOC 2, HIPAA, and EU Model Clauses (EUMC). Within the Microsoft compliance framework, Microsoft classifies Office 365 applications and services into four categories. Each category is defined by specific compliance commitments that must be met for an Office 365 service, or a related Microsoft service, to be listed in that category.
Services in compliance categories C and D that have industry-leading compliance commitments are enabled by default. Services in categories A and B come with controls to turn on or turn off these services for an entire organization. Details can be found in the Compliance Framework for Industry Standards and Regulations. Teams also supports Cloud Security Alliance compliance.
Teams also enforces team-wide and organization-wide two-factor authentication, single sign-on through Active Directory, and encryption of data in transit and at rest. Files are stored in SharePoint and are backed by SharePoint encryption. Notes are stored in OneNote and are backed by OneNote encryption. Continue reading
With the news at Microsoft Ignite that Teams is here to stay, and going to be the primary collaboration client in Office 365, it is going to be important for organisations to understand how to secure the data and conversations stored within Microsoft Teams.
Where is the data?
The first key thing to understand what types of data you are talking about, and where it is actually stored. Every “Team” is build on an Office 365 Group, and this is where the majority of the Team related data will be stored. Each Channel in the Team will provision a new folder in the Group’s Document Library, and this is where files shared in Group conversations will be stored. Each Group also has a Group Mailbox, and this is where conversations held within channels are stored.
However, users can also communicate directly via chat, and share files from this interface. In this instance, the conversations will be stored in the user’s mailbox, and the files they share will be stored in OneDrive.
That’s great, but what does this mean when it comes to compliance? Continue reading