In this post we will explore Microsoft Teams Governance Capabilities in detail. What is it possible to see and which actions are possible to do from the admin portal.

Companies are facing more challenges on their communications, mostly due to the unprecedented transformation of business to partial or fully remote. Unified communications professionals need to make sure that their UC Vendor is up to the governance standards of each individual company.

employee control feature image knmvqw

Here is our detailed list of Microsoft Teams Governance capabilities:

To open the Admin Center for MS Teams go to →

Teams and Channels

See list of Teams including :

  • Amount of Standard Channels
  • Amount of private Channels
  • Amount of team members
  • Amount of owners
  • Amount of Guests
  • Privacy Status of channel/team (Public/Private)
  • Status (Active/Archived)
  • Team Description 
  • Classification – Sensitivity labels for Microsoft Teams
  • group ID
  • Expiration Date

image 20210530 144321

Add Teams including

  • Name
  • Description
  • Team Owners
  • Privacy Status
image 20210530 144435

See members of each Teams including

  • Display Name
  • User Name
  • Title
  • Location 
  • Role (Member/Guest)
image 20210530 144517

Channel Actions

  • Add Members
  • Remove Members
  • Change Roles (member to Owner and vice versa)

Channels – list of channels in each team including 

  • Name 
  • Description
  • Type (private/Standard)
  • Auto Pin (shows if the channel is pinned to the channel list. A standard channel can be pinned under the team, but private channels can’t)
image 20210530 144639

View Channel Settings (cannot edit)


  • Allow editing of sent messages
  • Allow deleting of sent messages


  • Team members can add channels or edit existing ones
  • Team members can add, edit or remove tabs 
  • Team members can add, edit or remove connectors
  • Team members can add, edit or remove apps
  • Team members can add private channels or edit existing ones
image 20210530 144702

Teams Apps

Manage Apps including

List of Apps with meta data and possible actions: 

  • Upload
  • Allow
  • Block
  • Add to Team
  • Customize
image 20210530 144753

App Policies

For these categories:

  • MS Apps | Third party Apps | Custom Apps
    • Allow All Apps
    • Allow Specific Apps and Block all others (whitelist)
    • Block Specific apps and allow all others (blacklist)
    • Block all apps
image 20210502 114833

Org-Wide Settings

External Access

  • Turn on/off external communication with Skype for Business and Teams users 
  • Create lists of allowed and disallowed external domains 

Guest Access

  • Turn on /off Guest access in Teams (Org Wide)
  • Manage settings for Guests
hE0wsKQYbnaQdGSu215hoq M7VGfBVzrzz1KaQWj8 26mNvoqFkYySZ2qh7S9Yxo9n85RmJ cyOkPxHbTBsGzfAN9kP1ZUjqf6HYWH75Y6L8Z2 m9lk7NmJRklf oNCl4AI4Mqrn

SphereShield Governance

AGAT offers through SphereShield unique Advanced governance capabilites for a variety of industries and scenarios

Creation and Ownership

  • Which Groups/Users are allowed to create Teams
  • Which Groups/Users are allowed to create Channels
  • Which Groups/Users are allowed to be Teams Owners

Save your tenant from future problems by establishing who can create teams and channels. Avoid future team/channel clogging.

Adding users (internal and external) and permissions

  • Which Groups/Users are allowed to add users to Teams
  • Which Groups/Users are allowed to add Guests to Teams
  • Which Groups/Users are permited Guest Access to other tenants

A common example is that usually, companies find Guest users in Teams they should not belong to. Not only that but many times a company can have teams dedicated to upper management where middle management employees should not appear.

Regarding Guest access, a common scenario of data leak, is when employees are part of other MS Teams tenants and freely message and share files.

For more information, take a look at these articles:

Microsoft Teams Guests Explained
-How To Prevent Users From Becoming Guests In An External Office 365 Tenant.
Microsoft Teams Dlp Limitations: Controlling Users When Being Guests Outside The Organization.

File Uploading

  • Which Groups/Users are allowed to upload files to OneDrive / SharePoint
  • Which Groups/Users are allowed to upload files to MS Teams

Data is an extremely important, if not the most, valuable asset for any company. The fact that employees can access it and instantly share on collaboration platforms such as MS Teams, should raise a flag to have a system to control it and prevent any undesirable scenario. Also for other regulation (or internal policy) purposes, it may be necessary to restrict file uploading capabilities to a limited amount of users.

Block Joining Anonymously to meetings

For more information on SphereShield Governance capabilities, contact us today. A specialist will happily answer all your request.