Knowledge base

May 26, 2021

Microsoft Teams governance – notes from the field

There are quite a few blogs that cover the topic of Teams governance. There are also numerous tools and applications related to technical governance aspects. This blog is not about the technical side of this process (well, most of it isn’t). It’s about my experience implementing such technology and configuration to improve Teams governance within the organization.

What is Teams governance?

Let’s start by explaining what Teams governance is. Teams governance aims to balance user access to the powerful features that Teams provide, minimize information protection risks, and ensure that access and information lifecycle is continuously monitored and audited. Implementing Teams governance helps prevent uncontrolled growth. It ensures processes are in place to manage the information stored in Teams in accordance with business, data security, and compliance requirements. With the governance plan, everyone in the organization knows which roles and responsibilities there are around the use of Microsoft 365 applications. This contributes to a manageable, reliable and safe new workplace.

Realizing the risks.

The first step to improving Teams governance is to understand the risks of perpetuating the unstructured environment. The lack of a clearly defined information architecture will only lead to a further increase in the number of areas of collaboration created by the workforce. Inconsistency in how teams are managed and how SharePoint sites are used can lead to poor document management practices. This has a negative effect on the findability of information. Without a defined lifecycle for information stored in teams, data can be retained beyond legal requirements. Records can be deleted where they should be kept. Granting all teams unrestricted access to staff and guests without additional checks (Multi-Factor Authentication, Conditional Access Policy, Access Control) can result in only internal information being shared with guests, downloaded to personal devices, which can lead to data loss .

Get the right people on board.

Emphasizing the risks to the right people, securing the sponsorship for the future state redesign, and the redefined information architecture is essential to the success of this type of engagement. Defining and implementing the rules for teams typically requires the involvement of teams in information management, IT, and business communications.

Greenfield and brownfield environments.

Implementing governance processes for organizations where users have unrestricted access to team collaboration is much more difficult than implementing the same processes for greenfield environments. A large number of existing teams are typically associated with users who do not fully understand the concept of teams. Often users create new teams instead of creating channels, using group chat, or scheduling a meeting. Bringing Teams back to manageability requires implementing technical processes to manage the creation of new Teams and finding a way to work with the company to archive, consolidate, delete, or update existing Teams.

Support the users during the change.

Educating and supporting users during the change is essential. Microsoft 365 includes several collaboration tools and apps; quite often those collaboration tools can provide similar functionality (e.g. OneDrive and Teams can both be used to store and share files). This can be confusing for users and often they will start making the wrong choices. Defining common collaboration scenarios, communicating those scenarios in an easily digestible way, encouraging and promoting good data governance practices, and onboarding users into Teams are all good steps to help users better understand Teams.

Every organization is different and there is no single solution that can meet all the challenges. There are some quick wins that would improve the management of teams with minimal effort, but having a well-defined governance strategy is the key to regaining control over teams. This will also ensure that the organization is prepared to support Teams growth in the future.

Source: risk

Want to know more?

Get in touch

Tech Updates: Microsoft 365, Azure, Cybersecurity & AI – Weekly in Your Mailbox.