blog eDiscovery Microsoft Teams

Microsoft Teams eDiscovery limitations: Content from external meetings not archived

No company can leave content out of their eDiscovery when they need it for compliance. Deploying the native Microsoft eDiscovery solution requires some attention to scenarios that are not covered and might generate compliance issues when validated or needed. This blog post will discuss all those current limitations.

So, what do we know about these issues, and what solutions does AGAT Software offer?

Table of contents

1. External collaboration in Microsoft Teams

2. Limitations in Microsoft Teams

a- Joining meetings externally

b- Joining meetings anonymously

3. Ways in which AGAT Software deals with limitations

1. If users join external meetings externally

a- Capturing meeting chat

b- Blocking chat

c- Guest Access

2. Content not being archived when joining meetings anonymously

4. Importance of archiving chats of external meetings

   1- External collaboration in Microsoft Teams 

To manage collaboration with external MS Teams users, Microsoft lets companies define which domains are allowed or restricted for communication through their External Access functions, also known as “domain federation”. 

The configuration options for administrators are:

  • Allow all external domains: the default setting in Teams lets people in your organization find, call, chat, and set up meetings with people external to your organization in any domain.
  • Whitelist: you select which external domains you add to an Allow list, so external access is limited to them. 
  • Blacklist: Adding domains to a Block list so users can communicate with all external domains except the blocked ones. 
  • Block all external domains: You can also turn off external access completely in your organization, but people will still be able to join meetings through anonymous join.

Microsoft Teams admin center change external communications configuration

In the next section, we will cover some scenarios Microsoft’s native eDiscovery won’t cover under some of these configurations, posing issues for compliance regulations and internal policies.

2-  Limitations in Microsoft Teams

a-   Joining external meetings through invitations

Scenario: the internal user “employee A” is invited to join a meeting hosted externally. For compliance purposes, the company needs to archive all messages from ‘employee A’ including those sent during the meeting.

When you choose to whitelist domains, users can still join any external tenants through invitations and the native Microsoft eDiscovery engine won’t capture the messages sent during the meeting since it is hosted externally. Therefore, ‘employee A’ will not be able to get the required content from the meeting he participated in.

b-   Joining meetings anonymously

Scenario: a user from your company, “employee A” joins a meeting hosted by an external tenant using the anonymous join option, and your company has a requirement to archive all written communication.

The gap is that when users join anonymously in a meeting, all their written communication (messages in chats) and all the content they provide won’t get captured for archiving with Microsoft eDiscovery.

pXkH e44OdTuYrv EGjQ VUOisZIl0 RQ 9Vf5CyEnnH2wPQ2cikUQXfhsqxg5h TOCYMXdchUa3s5n i9LAGheLdPnQC

3-  Ways in which AGAT Software deals with limitations:

SphereShield for Microsoft Teams has an Archive and eDiscovery solution with the ability to overcome these limitations.

1-   If users join meetings externally

There are three ways SphereShield for Microsoft Teams can be used to overcome this issue

a-  Capture meeting chat:

This feature is no longer only controlled by the admins of the organization who are hosting the Teams meeting. SphereShield for Microsoft Teams allows users who have joined an external meeting to also capture the meeting chats and keep them for future reference.

b- Blocking chat:

SphereShield for MS Teams allows organizations to block meeting participants from communicating during the meeting by setting rules to completely block them from the chat.

c- Guest Access:

Lastly, it’s important to note that MS Teams also has the Guest Access option to collaborate with external users. This means that someone from an external organization can invite one of your employees to be a guest to a Team, and they will be able to chat, call, and collaborate on files. With AGAT’s solution, you can prevent company users from accessing external tenants as Guests, choosing to set a company-wide policy or just for specific users, depending on your needs. 

2-   Content not being archived when joining meetings anonymously

SphereShield can help in three ways to address this issue. First of all, SphereShield allows the setting of rules to block users from joining meetings anonymously. Secondly, with SphereShield it’s possible to completely block chatting during meetings whether they are hosted internally or externally. Lastly, AGAT Software developers are working on providing a new and more effective option to help tackle this issue by blocking all meeting chats for anonymous users only.

4-  Importance of archiving chats of external meetings

From all the gaps we discussed above, we believe the external meeting is the most important one to pay attention to, as it is the most accessible for users. Any user simply getting an invite through digital media will be able to join any meeting without an archiving solution to capture their communications.

All content from meetings can have crucial information you might need in the future. It is essential for companies to get all the content shared by employees in every situation and later search through it easily with a variety of parameters. This helps organizations make better audits and comply with regulations. 

Contact us today to learn more about AGAT’s eDiscovery solution!

blog Case Study

The case for Archiving beyond regulation and compliance requirements.

Archiving is seen as a procedure that only applies to companies that need to follow specific regulations and compliance requirements. The IT bluder in KPMG that deleted 145,000 users’ personal chats in Microsoft Teams gives the verdict to our case.

YmZwnKf3EFQB4vT SmgzZkrR7mx 3RiJKZGvTw14UHHCZF0hTSmFb9pJmfuyZ0F8P71nAVjDke6o RdISEk64acQulKDpzyuAn VXC1OxsaGwXfpWFqqxVrw7W 1 RJDpjwY7G64

What is archiving and why isn’t it so widely spread

Archiving is another way to refer to a trustworthy “back-up” that is also legally valid, ie. in case of a trial, can be used as evidence. Archives remain on separate domains, outside the danger of being altered or deleted.

Having said that, archives are usually seen more as compliance requirements that need special infrastructure, and in simple terms, cost more.

Economic laws tend to indicate that an extra fix cost is unnecessary and therefore it is mostly regulated companies (for example banks, financial institutions, medical institutions) that widely adopt archiving software or systems.

So why isn’t archiving a part of the Unified Communications Software features?

Since archives have a great and strategic value, the issue is about risk diversification rather than technical feasibility. If one goes and gives the same UC vendor the function to archive, when one fails (which is very often) both (UC Service and archive) can fail and provoke bigger losses.

This being said, 3rd party service providers like AGAT, offer Archiving and eDiscovery for Microsoft Teams, Slack, Webex, Zoom and Skype for Business. SphereShield by AGAT works for both messages, files, audio and video, being the most complete solution that can apply eDiscovery for audio recording AI generated scripts or video sharing through special optical character recognition.

Archiving is more necessary than usually thought.

It came to the news that a human error provoked the deletion of around 145,000 users’ personal chats in Microsoft Teams in KPMG, one of the biggest corporations in the world (Get the whole story here). This error is most likely to have come with a high price tag: important data lost, necessary archives gone and the list would still go on.

The necessity to archive (as a back-up) is the millenary necessity to be ready for a rainy day. That is why people sometimes leave their umbrellas in their cars although it could be a sunny day, the benefit outweighs the costs.

It is obvious that human errors like those need to be investigated and new methodologies must emerge to prevent them, but errors will still appear.

Conclusion: archive today, thank yourself tomorrow.

The conclusion is that, unless it will be impossible to afford, archiving has to be part of every company as a standard.

It is right that also employees need to be taught to reduce the amount of crucial information that is shared throughout chats, but that comes with a parable:

It is more effective to put higher fences on a balcony than always be reminding children of how dangerous it is to climb to see what’s below.

Cases like the one in KPMG are easily solved when companies count with archiving policies and data remains safe from human mistakes.

AGAT is offering the most complete solution out there for archiving and eDiscovery that includes both written and audio/video conversations.

Contact Us to see how AGAT can help your company with archiving and eDiscovery