admin

/admin

About admin

This author has not yet filled in any details.
So far has created 4 blog entries.

Are Microsoft Teams Default Security and Compliance Tools Good Enough?

Are Microsoft Teams Default Security and Compliance Tools Good Enough?

AGAT Software team

Share on facebook
Share on google
Share on twitter
Share on linkedin
Share on whatsapp
Share on telegram

Microsoft Teams is a fast-growing communication and collaboration platform for business use. As of the end of 2018, Teams has overtaken Slack and became the market leader and is now used by more than 329,000 organizations worldwide.

While Microsoft Teams is an open platform that offers a vast range of collaboration options from any device, allowing such an accessible platform comes with compliance and security challenges.

Companies deploying Teams need to make sure they are as protected as possible. We have covered in the past some of the security and compliance challenges that should be addressed when moving to Teams. Let’s dive deeper into this.

Sensitive Data Loss

The very collaborative benefits that employees love can be a major headache for security and compliance teams. Sure, sharing files at the tip of your finger is great for workflows, but how do you make sure sensitive data isn’t being shared? Preventing data leakage or loss is a must have when controlling risk with Teams. 

While Microsoft Office 365 offers some rudimentary DLP (Data Loss Prevention) capabilities, they are often not sufficiently effective. Content is usually inspected after it is sent and not in real time. Content can’t be blocked or masked based or organization-wide policies. If you wish to detect and protect sensitive data from leakage you may want to look for a third-party solution, like SphereShield.

Advanced DLP tools usually offer build-in rule templates that prevent data such as Social Security numbers, credit card numbers and ID numbers from being shared. Additional rules that are specific for your organization (like a secret project name) can always be added as well. You may want to invest in a solution like SphereShield that is tailor-made for Microsoft Teams, and can inspect content according to specific Teams functionalities or integrate a company’s existing DLP solutions that may not cover Teams. 

External users

Collaboration with external business partners can be a dangerous proposition if left unchecked. Getting a handle on who can join these messaging applications is critical to preventing data loss and staying compliant with regulation. 

Microsoft Teams allows users outside your organisation to communicate with your employees. You have control over which domains can communicate with users from your company but that’s about it. You don’t have granular control.

Microsoft Teams Policies

These messaging policies are not enough. They are applied per user (not per group) and are not context aware. They do not change based on participants or scopes. For example, if settings are set to block a user’s file sharing capabilities, he won’t be able to share files neither internally nor externally. That means you can’t limit an employee from communicating with external users in a specific, tailor-made way.

When federating with external companies, you may wish to control two aspects:

  • Who can communicate with whom
  • How they can communicate

SphereShield’s Ethical Wall can be used for this purpose. Policies can be applied on users, groups or domains (that solves the “who” part). In addition, granular modality policies help control communication capabilities such as IM, File transfer, Meeting, Audio, Video and more. Ethical Wall policies can be created to control both intra organisation communication as well is inter organisation communication.

SphereShield Ethical Wall Settings
SphereShield Ethical Wall policies
SphereShield Ethical Wall policies

Offline eDiscovery Archiving

Most companies today face compliance regulation requiring them to archive information in an accessible way. This is sometime even more challenging for international organizations. Different data laws and consent requirements impact cross-border eDiscovery management. Just as some of the security and compliance concerns, we already covered in this article, Microsoft does offer an eDiscovery module for O365, which inspects also Teams. However, the advanced eDiscovery is not free and requires the E5 license. Furthermore, even if you invest in the license, you may want to consider archiving data on-site and not in the cloud. That decision should depend on how sensitive the information your company handles is. If you wish to store eDiscovery archives on prem, you would need to invest in an alternative solution to Microsoft.

SphereShield eDiscovery

SphereShield’ eDiscovery. Can be implemented online or on-site.

Want to learn more about our solution for Microsoft Teams?

We think you might also like these posts

3 Questions to Ask Before Deploying Microsoft Teams

SphereShield Anti-harassment and Workplace Safety Policy Feature

New security vulnerabilities exposed in Microsoft ADFS

By |May 19th, 2019|Microsoft Teams|Comments Off on Are Microsoft Teams Default Security and Compliance Tools Good Enough?

3 Questions to Ask Before Deploying Microsoft Teams

3 Questions to Ask Before Deploying Microsoft Teams

By AGAT Software team

Share on facebook
Share on google
Share on twitter
Share on linkedin
Share on whatsapp
Share on telegram

The ways organizations collaborate vary these days more than ever. The generational divide in the workplace has many employees working with a mix of device types and preferring different modes of interaction. Employees expect modern communication facilities that traditional enterprise-wide collaboration tools just aren’t up to.

Microsoft Teams is Microsoft’s answer to competing platforms such as Slack and Atlassian’s HipChat. It provides the slick user experience that employees have come to expect, from their regular usage of personal communications platforms such as WhatsApp, Facebook Messenger and Telegram.

The core feature of Microsoft Teams allows users to set up teams, each of which is essentially a hub for group chat rooms, which are called channels.

However, Microsoft has been pushing the platform as being more than just a chat hub. Teams is integrated with Microsoft’s online office suite, Office 365. That means it’s tied to other Microsoft Office services, such as Word and Excel, as well as its cloud storage and sharing services such as SharePoint. PowerPoint, OneNote, Planner, Power BI and Delve are also integrated with Teams.

Trying to solve every collaboration and communication need to ensure engagement and productivity with a single tool is probably not the right approach. At the other end of the spectrum, having too many tools and too many options can also impact adoption, productivity and business efficiencies. Organizations need to find a balance – and use the right tool for the job. Microsoft Teams is an ambitious solution which can bridge existing ways of collaborating with more modern modes, notably chat.

Teams Security – what’s lacking?

As Microsoft Teams gains more feature parity with Skype for Business and eventually replaces it as the dominant intelligent communications platform, it’s important to consider three obstacles your IT team may face when deploying this application.

1) Security and Compliance Challenges

Comparing Microsoft Teams to Skype for Business isn’t really a one to one comparison. Skype is primarily used for calls, meetings and instant messaging, and though you can share documents through a chat, content sharing has never been its primary focus. You have SharePoint for that.

Teams, on the other hand, is inherently content-centric. With SharePoint running in the background, Teams easily brings together content and communication.
This type of collaborative environment creates challenges for security since you not only have to consider how to secure communications, as you would with Skype for Business, but also how to get a handle on document storage and sharing. And let’s not forget about compliance and retention. The content that users create and store within Teams should still follow your corporate retention policies.

The demand for mobility is high, and since Teams is also built to be easily accessible on any device, that means that anyone in your organization may access any content anywhere. So how do you stop a user from downloading a proprietary presentation onto their personal device and then sharing it freely?
IT Security needs to think about not only protecting the network and the device, but also the content that’s shared on the platforms that are now widely available. This is where solutions like DLP (Data Loss Prevention) tools come into play. By creating policies controlling the sharing of sensitive information, IT can ensure that important data never gets into the wrong hands.

Though Teams offers some DLP capabilities, those aren’t on par with existing DLP solutions by vendors who Specialize in this field. Companies with existing DLP policies should look into integrating them into Teams, instead of creating new policies. 

Microsoft teams DLP integrations

SphereShield allows integrating Teams with existing DLP policies and blocking or replacing any sensitive data.

If your business manages confidential information, you’re probably already thinking about how to manage and protect data that needs to remain HIPAA and GDPR compliant. With the multitude of third-party applications that can connect to Teams, such as a CRMs loaded with contact information, you need to be prepared with a solution that keeps your organization in compliance with data protection regulations.

Want to learn more about our DLP solution and integrations for Microsoft Teams?

2) IT Administration Challenges

Everyone’s favorite word: governance. It’s an important one. When laying the foundation for a successful Microsoft Teams experience, your IT team needs to determine how to handle the creation of Office 365 Groups and how to manage the teams that may expire or become irrelevant in your organization.

According to Microsoft, “By default, all users with a mailbox in Exchange Online have permissions to create Office 365 groups and therefore a team within Microsoft Teams”. That means the IT admins are no longer the only ones in-charge of creating groups and setting up their permissions.  

However, there’s an easy solution to tighten these permissions and not give up control. You can set up a group for specific users and grant only those users the rights to create other Office 365 groups. Controlling which users are permitted to create and manage groups allows you to delegate authority without compromising security or compliance.  

 

3) End User and Change Management

Employees need to have a thorough understanding of how and when to use Teams versus other Office 365 applications, ideally with Teams as their first choice.

It’s also important to have a plan for how you’ll roll out the Teams client to your end users’ machines. Using your security and asset management system, you should be able to do this through a group policy, Microsoft Intune, or Microsoft Systems Center. The last thing you want is for your support queue to overflow with tickets from users who can’t find the application on their laptop.

You can ease Teams adoption pain by enabling it side-by-side with Skype for Business. Especially until complete feature parity exists, we highly recommend running them simultaneously so that end users don’t become frustrated and resistant to Teams as a whole. 

We think you might also like these posts

Challenges with federation of Skype for Business on premise with Skype for Business Online

SphereShield Anti-harassment and Workplace Safety Policy Feature

New security vulnerabilities exposed in Microsoft ADFS

By |February 25th, 2019|Microsoft Teams|Comments Off on 3 Questions to Ask Before Deploying Microsoft Teams

Challenges with federation of Skype for Business on premise with Skype for Business Online

Skype for Business online is part of the Microsoft Office 365 suite. It is a Cloud-based Skype for Business service hosted by Microsoft. Like Skype for Business on premise solutions, Skype for Business online allows a federation between Skype for Business environments. A federation is a trusted relationship between Skype for Business environments, allowing communication […]

By |May 10th, 2017|Uncategorized|Comments Off on Challenges with federation of Skype for Business on premise with Skype for Business Online

SphereShield Anti-harassment and Workplace Safety Policy Feature

Background

Workplace harassment can be a serious issue and an HR nightmare. Managers can bully employees, employees could insult one another and the dreaded sexual harassment may threaten the safety of the workplace. When bullying, insults, and sexual harassment occur in the workplace, a hostile work environment is created damaging morale and productivity. Organizations are liable to […]

By |May 3rd, 2017|Uncategorized|Comments Off on SphereShield Anti-harassment and Workplace Safety Policy Feature