Digital collaboration is moving fast, and no one knows this better than Microsoft Teams. Launched in 2017 and currently sitting at 270 million users, Teams has quickly become the hub for workplace collaboration in thousands of enterprises. But as organizations increasingly meet, collaborate, and automate their work in Teams, the business requirement to properly control and secure data while it’s being accessed, changed, and shared is getting more difficult.
So, we’ve got to ask: is your organization successfully implementing strong Teams governance?
Governance can help maximize the value and minimize the risk of not only your Teams data, but data spread across the entire Microsoft 365 environment, especially given its tight integrations with OneDrive, SharePoint, and other tools.
This article is inspired by one of our popular webinars. You can watch the recording and download the slides below:
Corporate data is often stored in multiple locations, including both virtually and geographically. A global research survey conducted by Splunk revealed that 55% of an organization’s data is dark, meaning it’s unused, unknown, and untapped. This makes it nearly impossible for organizations to protect that data, close exposure gaps, comply with regulatory requirements, or even manage access controls.
For data to fuel digital transformation, it must be:
This is why more organizations are beginning to wrangle in their data by establishing a data estate.
A data estate is the infrastructure to help companies systematically manage and utilize all of their corporate data, regardless of where it’s stored. It can be developed on-premises, in the cloud, or a combination of both. Data estates tend to be less costly and more efficient than data warehouses, which weren’t traditionally designed to incorporate the explosion of new unstructured data types (messages, tickets, collaboration content, transcripts, video, and more) at the rate and volume we’re seeing today.
Teams is most known for its chat capabilities, but the platform also offers online meetings, video conferencing, webinar hosting, phone calling, and seamless integrations with the rest of the Microsoft Suite, including popular apps like Excel, Outlook, and OneDrive. On top of all this, Teams also has the ability to connect to third-party apps for companies with a more diverse tech stack.
But while the platform’s functionality can be accessed from a single interface, its data is another story.
Teams is built on Microsoft’s cloud platform, Azure. Azure allows users to build, scale, and run applications on-premises, in the cloud, or across hybrid models. Teams uses Azure storage to create what’s called the “Teams substrate” — think of this as an underlying storage layer that captures all of the data that makes up Teams (i.e. chats, video, voice, etc.).
Here’s a visual representation of how Microsoft Teams data is stored within different Microsoft apps:
With data stored across the entire Microsoft ecosystem, managing risk, compliance, and governance of Teams data can be overwhelming, to say the least. And while knowing where Microsoft Teams data is stored is useful, this is just the first step. What comes next is finding out what data can be retained and for how long. The solution?
Enter: Microsoft Purview.
Formerly known as Microsoft 365 Compliance Center, Microsoft Purview is a data governance solution that helps manage and govern your on-premises, multi-cloud, and software-as-a-service (SaaS) data. It essentially combines the former Azure Purview and Microsoft 365 Compliance portfolio, giving users centralized access to data discovery and governance features.
With Microsoft Purview, you can:
Aside from its governance solutions, Microsoft Purview also brings together compliance and risk management from Microsoft Security, so users can manage regulatory compliance and end-to-end data risks in one place.
Microsoft Purview offers three eDiscovery solutions to search for content across your M365 data sources:
Content search enables users to search for content across M365 apps. Once the content is surfaced, users can then export the search results to a local computer.
The standard eDiscovery solution builds on the basic search and export functionality of Content search by enabling users to create eDiscovery cases, assign eDiscovery managers to specific cases, associate searches and exports with a case, and place an eDiscovery hold on relevant content locations.
If your organization has an Office 365 E5 or Microsoft 365 E5 subscription (or related E5 add-on subscriptions), you can utilize Microsoft’s premium eDiscovery solution. This solution builds on the existing capabilities offered in eDiscovery (standard) but provides users with an end-to-end workflow to identify, preserve, collect, review, analyze, and export responsive content. Legal teams can also manage the entire legal hold notification workflow to communicate with custodians involved in a case.
Note: If you’d like to conduct a Microsoft Teams eDiscovery investigation using any of the tools above, follow these steps.
When it comes to improving governance of your Microsoft Teams data, Microsoft Purview is a good place to start. A crucial part of strong governance is configuring retention and deletion settings, and by now most of us know the golden rule of data retention is to retain data for only as long as necessary. What’s necessary, of course, will vary by both company and jurisdiction.
However, the default retention period in Microsoft Teams is indefinite. Assuming you don’t want to hang on to your Teams data forever, it might be a good idea to head into the Microsoft Purview compliance portal and configure some policies.
The tricky part? You can set more than one retention policy for the same content. If that happens, Microsoft applies the following retention principles:
Note: While Microsoft Purview offers multi-stage retention, Microsoft Teams does not support using retention labels that isolate data at the item level using keywords and other classifiers in other Microsoft apps.
Teams supports retention policies for chats, channel, and private channel messages. Additionally, you can retain the following metadata:
Because Teams data is stored within different Microsoft apps, emails and files shared over a Teams chat or channel message aren’t included in retention policies. These items may have their own retention policy with a separate expiration date from the message. When this happens, the message and file preview may still show in Teams, but if you attempt to open the file, you’ll receive a “File not found” error message.
Note: Code snippets, recorded voice memos, thumbnails, announcement images, and reactions (emoji) from others are also not retained when you use retention policies for Teams.
A disadvantage to governing your data in Microsoft Purview is its limited ability to streamline data retention across the Microsoft Suite. All Microsoft apps need their own retention configurations separate from Teams.
To learn how to set a retention policy for apps other than Teams, check out this article.
Chat and channel messages in Teams are perhaps the most critical pieces of data. When preserved strategically, Teams chat and channel messages can provide the context needed to meet future discovery needs, offer insight into employee sentiment, and help with internal investigations.
The start of a retention period is always based on when a message is created. Retention policies for Teams can be applied to your entire organization or specific users and teams. Kick your Teams governance up a notch with these retention best practices for chat and channel messages.
Think about the nature of channels versus private chats. While channels are generally home to standard project-management content, there tends to be greater liability risk with private chats as there’s an unknown element. Because of this, we recommend assigning different retention policies to specific users, teams, or channels.
You can also set messaging policies in the Microsoft Teams admin center. Admins can use messaging policies to control which chat and channel messaging features are available to Teams users.
To view the full list of messaging policy settings you can configure, see here.
Legal holds for discovery differ from data retention policies because they’re designed for a limited duration. Unlike retention policies, legal holds typically have a narrower scope and don’t automatically delete content when they expire. Legal holds in Teams allow you to preserve all data associated with an entire team or select users. When an entire team is placed on hold, all messages exchanged in those teams (including private and shared channels) can be discovered by the organization’s compliance managers or Teams admins.
Note: For M365 and Teams, legal holds always take precedence over data retention policies. When you place a hold on sites and mailboxes associated with Teams, your content will be kept until you delete the hold. (Keep in mind that it may take up to 24 hours for the hold to take effect.)
To place a Microsoft Teams user or team on legal hold, see here.
Between data discovery, retention, legal hold, archiving, and search, many elements go into successful Teams governance. Unfortunately, Purview’s functionality and Microsoft’s complex architecture simply don’t allow for optimum visibility into it all. Plus, without the ability to use retention labels in Teams, you could be missing out on capturing critical data.
Not to mention, unreliable indexing and search, fragmented retention policies, and a complex user experience are leading organizations to consider centralized solutions, like Onna, to manage and control not only their M365 data, but data from their other workplace applications, like Zendesk, Confluence, and Slack.
See how Onna stacks up to Microsoft Purview in our on-demand webinar here.