Don’t risk it: It’s time to rethink your data governance and security in Teams

As we approach the end of a year that’s been like no other, now is the perfect opportunity to reflect on a period of significant and rapid change – led by the shift to an almost entirely remote workforce.

In response to the pandemic, deploying or scaling up collaboration platforms was at the top of the list for many organisations, with the new need to keep teams connected.

However, the rush to rearrange the way we work placed a significant, sudden strain on IT and leadership. In many cases, IT teams were forced to overlook the finer points of security and governance requirements in the urgent rush to deploy solutions.

As a leader of the collaboration platform pack, Microsoft Teams has been a popular choice this year. Many users presumed that its native security features would adequately protect their organisation. While Teams is a highly secure platform, any unexpected environmental change can drive security risk.

So, if your organisation dove into Teams almost overnight, now is a good time to take a step back to review the platform’s alignment with your organisation’s wider security solutions and access policies.

Examine and finetune your data encryption policies

Within Teams, data itself is encrypted natively- in transit and at rest. As for how long the data is stored, it depends on the length of your license. Additionally, many users don’t realise that SharePoint is used in the backend of Teams to facilitate the sharing of files.

In this instance, SharePoint has been configured specifically to support the Teams app – you can’t customise the SharePoint security settings as you would otherwise be able to when using it independently of Teams.

For organisations with highly sensitive conversations or files, this level of security may not provide adequate protection. In this case, incorporating other identity management, data governance and conditional access policies will help alleviate the risks of potential security breaches.

For example, additional policies that are a default Teams feature can be put in place, to protect files being uploaded and shared via Teams by external parties and employees.

Protect data outside of the Teams environment

Without proper policy, files can also be downloaded and uploaded to untrusted locations not authorised by the organisation. To prevent this, application protection policies can be put in place to restrict data relocation, and keep files safely contained in a managed app. To ensure data protection at the document level, organisations can apply policies based on the sensitivity of the information they contain.

For example, you can dictate whether documents must be encrypted, not moved, or not copied to USB. This can be managed within the wider Microsoft solution suite via Azure Information Protection (AIP).

Restrict unauthorised access to Teams with identity management

There’s a big difference between accessing Teams in the office versus remotely, which is where identity management plays an important role. For example, if a user’s credentials are stolen and access is attempted from an unknown or suspicious location, Teams can be configured to invoke additional conditions, such as multifactor authentication.

Similarly, identity spoofing – users bypassing security measures and pretending to be coming from within the organisation itself – is another major concern. Multifactor authentication is again a key element, as well as polices that will reject the connection altogether based on location.

Again, this level of identity management can only be achieved by setting up additional conditions within the wider Microsoft portfolio; they are not standard settings within Teams.

Prevent unauthorised access to Teams Meetings

‘Zoom bombing’ – uninvited people accessing Zoom calls to share less-than-savoury content with unwitting participants – created a security scare earlier this year. In a similar vein, Teams customers have voiced concern around the potential for eavesdropping on conversations within Teams Meetings – specifically, how participants can ensure that only authorised people are in the meeting.

This concern can be addressed by enabling a non-default feature that ensures those outside the organisation cannot enter the room until approved by the host.

Avoid malicious links shared in Teams

To safeguard users against malicious links shared in Microsoft Teams, a relatively new feature called ‘Safe Links’ will soon be rolled out. When enabled, it will check URLs shared via Teams in real time against a list of known malicious links. When a user clicks the link, they’ll be prevented from visiting the site.

Integrate security with Microsoft Teams

Teams, as a collaboration platform, shares common infrastructure with other Microsoft applications such as SharePoint, OneDrive and Office 365. The benefit of this architecture is that the security policies invoked in these applications will also provide protection within your Teams environment.

Rethink your data governance in Teams

Data governance is not native to Teams, but it’s highly compatible and must be a key part of any technology initiative that involves a distributed information environment. If governance did not play a key role in your original Teams deployment, now is the time to develop and communicate clear rules and policies to protect staff and your organisation.

Governance in Microsoft Teams requires a rethink of the type of data that can be shared on collaboration tools and the workflows required to ensure users are not sharing unsolicited information. For example, sharing a document with credit card details should be considered a definite no.

This example might seem obvious, but it also serves as a reminder of the importance of documenting information access and distribution policies.

Need help repairing the security and governance of your Microsoft Teams deployment?

Data#3 is the safe pair of hands when looking to implement Microsoft Teams across your organisation. We provide comprehensive strategies for Teams, as well as the broader Microsoft ecosystem.

Contact a Data#3 Modern Workplace Specialist  to set up a Teams Workshop for your organisation.


Tags: Collaboration, Information Security, Microsoft, Microsoft 365, Microsoft Teams, Security


Subscribe to our blog


Get staff back into the office with Cisco
Get staff back in the office with the latest Cisco Collaboration Hardware

It’s no secret the last 12 months has forced a drastic change in the way we work. Office buildings were missing…

Device Review: HP ProBook 635 Aero G7
Device Review: HP ProBook 635 Aero G7

Made from recycled aluminium and magnesium, the eco-friendly HP ProBook 635 G7 gives the modern user everything they need…

Sustainability meets productivity with HP
Sustainability meets productivity with HP

We live in a time of huge technological advancement. We’ve watched as computers shrunk yet grew more powerful, and mobility…

HP Virtual Reality Demonstration
HP Virtual Reality Demonstration

Through virtual reality (VR), students (and teachers!) can interact and engage with complex concepts whilst supporting…

How to Use Microsoft Teams on a Cisco Webex Device in Three Easy Steps

As the hybrid workplace becomes the new model for many businesses, it’s rapidly becoming a necessity for businesses to have…

Webinar: Upgrade and Evolve Your Meeting Room Experience
Upgrade and Evolve Your Meeting Room Experience

Navigating a risk-free return to office means adapting your office environment to new ways of working. Limiting the…

Customer Story: A Managed Services Case Study

Managed Services Partnership with Data#3 Breathes New Energy into IT Outcomes Objective After struggling to find a managed service provider…

Review of the Surface Pro 7+
Review of the Surface Pro 7+

The new Surface Pro 7+ has finally arrived. Microsoft has made some thoughtful changes to their Surface Pro line-up…