Microsoft Teams has been rolled out at a dramatic pace for many organizations, as working from home has become the new “normal” across the globe due to COVID-19.
Organizations needed a way to allow their workforce to easily collaborate, communicate and meet, internally and externally, with their clients/partners remotely. However, many missed one of the most critical pieces of the puzzle in haste to rollout functionality to improve productivity and that is the Governance of Microsoft Teams.
An organization that is rolling out Microsoft Teams should establish a Teams Governance committee. Teams is ever-evolving, and new functionality is frequently released without much notice or ability for an organization to intervene. A monthly Governance committee meeting focusing on new functionality and its impact to the organization allows a company to determine the best way to communicate or potentially restrict these new features. Scheduling a monthly meeting ensures that not only do you continue to drive adoption and get the most value out of the tool, but that the organization continues to protect its data, employees, and adhere to any industry-required compliance measures that may be needed.
Microsoft Teams Governance is a broad topic, but below are some things to consider when you build out and create your initial governance plan:
Microsoft Teams Policies allow the administrator to control what users can do within Teams and Channels at a more granular level. Some relevant Teams policies to consider setting up in your initial rollout may include:
- Meeting policies control what features are available to users when they join Teams meetings.
- Messaging policies control what chat and channel messaging features are available to users in Teams.
- Features, such as setting who can join a live event, providing transcription for attendees or deciding if the recording of events is available for those that schedule and host live events, can be turned on or off with Teams live events policies.
- App permission policies control what apps you want to make available to Teams users in your organization.
An organization can set a single team policy at the global level for your entire user base. For example, a lot of organizations will have a global policy around messaging, as they want to restrict the usage of Giphy’s or Memes in conversations or control the ratings of such items as not to offend anyone or violate existing policies in place.
Another approach is to create separate policies for specific segments of the user base. For example, you can create a targeted meeting policy for your Sales Team, restricting members of that group from sharing their screen during a meeting with users outside the organization.
External and Guest Access
Much like other tools within Microsoft’s suite, Teams allows users to interact with external and guest users. External access is a default setting enabled within Teams that allows users to find, call, and chat with people in other domains. Guest access, if enabled, allows users to add individuals from outside the organization to Teams and channels in Teams.
External access is not an area we see heavily governed by most organizations. Most companies choose to retain this setting but may opt to block specific domains.
As the emails start to pile up and attachments get lost, collaborating with people outside your organization can prove to be challenging. Guest access is where we see a lot of clients’ garner value from this Teams feature. Often users are led to alternate, non-IT approved solutions when there is a need to collaborate and share files. Guest access ensures that you not only retain your company’s data but that it is protected based on your organization’s and industry’s standards, which is why governance of guest access can be critical to a company’s adoption of Teams.
contact a member of Withum’s Digital and Technology Transformation team to speak with a consultant today.
Automated Teams Governance
A way we’ve seen many organizations take governance to the next level is through automation. Automation reduces overhead costs to IT and ensures that Teams does not become unmanageable as adoption grows:
- Automating naming conventions is a great way to provide structure and consistency for users. Naming conventions help users with the findability of Teams and Channels. Teams Administrators can specify a naming convention that includes prefixes or suffixes when they create Teams. Adding prefixes or suffixes to a Team name can also distinguish internal Teams vs. Teams you may share with a vendor or guest. Additionally, we’ve seen our clients gain value in the ability to block specific words from being used when naming a Team.
- Once an organization adopts Teams, some Teams will reach a point where the content, conversation and channels have served their purpose and are no longer needed. Enabling an expiration policy allows IT to automate content cleanup of these unused Teams where Team owners will receive a notification if a site is not in use. If the Owner does not respond to the notification to renew the site, then the Team will be automatically deleted.
- Many organizations will want to create retention policies for their data in Teams. Automating retention or deletion of Teams content is an excellent option to ensure data is retained for audit or legal purposes or deleted if not required or could pose a future liability.
- Out of the box, it is easy for users to create Teams, which often leads to duplicates and unused resources. We work with clients to help them best govern this process and think through how a Team should be requested and subsequently created. In some instances, clients choose to restrict Team creation to the few people in the organization by setting up a security group for Teams creators. In contrast, other clients automate Team creation via a bot.
Digital and Technology Transformation