In this post we will explore Microsoft Teams Governance Capabilities in detail. What is it possible to see and which actions are possible to do from the admin portal.
Companies are facing more challenges on their communications, mostly due to the unprecedented transformation of business to partial or fully remote. Unified communications professionals need to make sure that their UC Vendor is up to the governance standards of each individual company.
Here is our detailed list of Microsoft Teams Governance capabilities:
To open the Admin Center for MS Teams go to → https://admin.teams.microsoft.com/
Teams and Channels
See list of Teams including :
- Amount of Standard Channels
- Amount of private Channels
- Amount of team members
- Amount of owners
- Amount of Guests
- Privacy Status of channel/team (Public/Private)
- Status (Active/Archived)
- Team Description
- Classification – Sensitivity labels for Microsoft Teams
- group ID
- Expiration Date
Add Teams including
- Name
- Description
- Team Owners
- Privacy Status
See members of each Teams including
- Display Name
- User Name
- Title
- Location
- Role (Member/Guest)
Channel Actions
- Add Members
- Remove Members
- Change Roles (member to Owner and vice versa)
Channels – list of channels in each team including
- Name
- Description
- Type (private/Standard)
- Auto Pin (shows if the channel is pinned to the channel list. A standard channel can be pinned under the team, but private channels can’t)
View Channel Settings (cannot edit)
Conversations
- Allow editing of sent messages
- Allow deleting of sent messages
Channels
- Team members can add channels or edit existing ones
- Team members can add, edit or remove tabs
- Team members can add, edit or remove connectors
- Team members can add, edit or remove apps
- Team members can add private channels or edit existing ones
Teams Apps
Manage Apps including
List of Apps with meta data and possible actions:
- Upload
- Allow
- Block
- Add to Team
- Customize
App Policies
For these categories:
- MS Apps | Third party Apps | Custom Apps
- Allow All Apps
- Allow Specific Apps and Block all others (whitelist)
- Block Specific apps and allow all others (blacklist)
- Block all apps
Org-Wide Settings
External Access
- Turn on/off external communication with Skype for Business and Teams users
- Create lists of allowed and disallowed external domains
Guest Access
- Turn on /off Guest access in Teams (Org Wide)
- Manage settings for Guests
SphereShield Governance
AGAT offers through SphereShield unique Advanced governance capabilites for a variety of industries and scenarios
Creation and Ownership
- Which Groups/Users are allowed to create Teams
- Which Groups/Users are allowed to create Channels
- Which Groups/Users are allowed to be Teams Owners
Save your tenant from future problems by establishing who can create teams and channels. Avoid future team/channel clogging.
Adding users (internal and external) and permissions
- Which Groups/Users are allowed to add users to Teams
- Which Groups/Users are allowed to add Guests to Teams
- Which Groups/Users are permited Guest Access to other tenants
A common example is that usually, companies find Guest users in Teams they should not belong to. Not only that but many times a company can have teams dedicated to upper management where middle management employees should not appear.
Regarding Guest access, a common scenario of data leak, is when employees are part of other MS Teams tenants and freely message and share files.
For more information, take a look at these articles:
–Microsoft Teams Guests Explained
-How To Prevent Users From Becoming Guests In An External Office 365 Tenant.
–Microsoft Teams Dlp Limitations: Controlling Users When Being Guests Outside The Organization.
File Uploading
- Which Groups/Users are allowed to upload files to OneDrive / SharePoint
- Which Groups/Users are allowed to upload files to MS Teams
Data is an extremely important, if not the most, valuable asset for any company. The fact that employees can access it and instantly share on collaboration platforms such as MS Teams, should raise a flag to have a system to control it and prevent any undesirable scenario. Also for other regulation (or internal policy) purposes, it may be necessary to restrict file uploading capabilities to a limited amount of users.
Block Joining Anonymously to meetings
For more information on SphereShield Governance capabilities, contact us today. A specialist will happily answer all your request.