Many teams are required by law or corporate policy to adhere to security and compliance regulations, but this can often complicate document management and sharing. Fortunately, Microsoft 365 apps like Microsoft Teams come equipped with enterprise-grade security and compliance support.
With the 2020 COVID-19 (coronavirus) outbreak, there has been a surge in remote work. This means many organisations have to make sure their environments are secure and compliant with their industry requirements. Let’s take a look at how Microsoft Teams security and compliance features protect your data and ensure your company complies with regulations.
Microsoft’s compliance framework consists of four tiers: A, B, C, and D. Microsoft Teams is currently Tier-C compliant, which means it adheres to the following standards:
• ISO 27001
• ISO 27018
• SOC1 Type I and II
• SOC2 Type I and II
• EU Model Clause (“EUMC”)
Microsoft is working on making Teams Tier-D compliant, which includes FedRAMP, or federal government data centers. Microsoft conducts a yearly internal audit followed by an external audit to make sure it complies with these certifications.
Content stored in Teams is preserved according to your corporate policy. Archived information includes the following:
• One-on-one chats
• Group chats
• Channel messages
• SharePoint files
• OneNote content
• Wiki content
• OneDrive for Business communication
Teams leverages the existing Microsoft 365 archive management tools used for email and SharePoint files. Team chats and channel messages are archived using Exchange Online storage; one-on-one and group chats are archived in individual mailboxes; and channel messages are archived in group mailboxes.
Exchange Online Protection
Exchange Online Protection (EOP) is an email-filtering cloud service that regulates spam and malware, with layers of protection distributed globally across Microsoft data centers. On top of its basic functionality, EOP also lets you generate domain-specific traffic reports, block specific senders, and preview quarantined messages.
Teams restricts access to data to only those devices that are allowed under your organization’s policies. Conditional access regulates:
• Multi-factor authentication
• Compliant or domain-joined devices
• Blocking access to a service by IP addresses or user location
• Targeting specific users within your company
• Targeting specific Microsoft apps
In Teams, the owner or moderator has the ability to delete any content that is deemed inappropriate and mute any user who fails to comply with your corporate policy. This feature was first suggested by users in the education realm. But when it was proposed to enterprise users, it was just as popular.
An administrator provides support for maintaining third-party apps as well as creating custom integrations. These apps include bots, tabs, and connectors. In addition, administrators have access to the system-wide settings in the Admin Center, enabling them to fully support enterprise users.
Windows Information Protection (WIP)
Formerly known as Enterprise Data Protection (EDP), Windows Information Protection (WIP) secures enterprise apps such as Teams against data leakage. WIP can classify all data into enterprise or personal at a user level. WIP can also restrict the copying or downloading of enterprise data and only allow permitted apps to access enterprise data. It can encrypt all enterprise data while at rest and protect it from being disclosed to public places or removable media such as jump drives.
Auditing and Reporting
The Microsoft 365 Security and Compliance Center has built-in audit logging capabilities. However, these are turned off by default. When the feature is enabled, Teams will send alerts and reports of auditing events.
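One way to check the audit-logging state described above and review recent Teams events, shown as an added example that is not part of the original article. It assumes the ExchangeOnlineManagement PowerShell module and an account with audit permissions; the admin account name and the list of watched operations are illustrative choices.

```powershell
# Added example. Run this from Exchange Online PowerShell: Security & Compliance
# PowerShell always reports UnifiedAuditLogIngestionEnabled as False.
Import-Module ExchangeOnlineManagement
Connect-ExchangeOnline -UserPrincipalName 'admin@contoso.example'   # placeholder account

# 1. Check whether unified audit logging is on for the tenant.
$config = Get-AdminAuditLogConfig
if (-not $config.UnifiedAuditLogIngestionEnabled) {
    Write-Warning 'Unified audit logging is OFF; Teams events are not being recorded.'
    # 2. Turn it on. The change can take a while to take effect.
    Set-AdminAuditLogConfig -UnifiedAuditLogIngestionEnabled $true
}

# 3. Pull the last 7 days of Teams audit records (ResultSize accepts up to 5000).
$end     = Get-Date
$start   = $end.AddDays(-7)
$records = Search-UnifiedAuditLog -StartDate $start -EndDate $end `
               -RecordType MicrosoftTeams -ResultSize 1000

# 4. Each record carries its detail as a JSON string in AuditData; parse it
#    and keep the fields needed for review.
$events = $records |
    ForEach-Object { $_.AuditData | ConvertFrom-Json } |
    Select-Object CreationTime, UserId, Operation, TeamName

# 5. Summarise activity by operation to see what is being logged.
$events | Group-Object Operation | Sort-Object Count -Descending |
    Format-Table Count, Name

# 6. List membership and lifecycle changes, which usually deserve a second look.
#    The operation names here are a sample chosen for illustration.
$watch = 'MemberAdded', 'MemberRemoved', 'MemberRoleChanged', 'TeamDeleted'
$events | Where-Object { $_.Operation -in $watch } |
    Sort-Object CreationTime | Format-Table -AutoSize

Disconnect-ExchangeOnline -Confirm:$false
```

An empty result right after enabling the setting is expected, because only events that occur after ingestion is turned on are recorded.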
Your Teams data is stored in the primary region where your team operates. Certain countries require companies to keep their data locally, so this helps them comply with federal regulations. If needed, your data can also be transferred to other locations without any user input. For example, if your data is on the east coast and a hurricane is barreling towards the U.S., your data can easily be transferred elsewhere.
Legal and Litigation Hold
Microsoft Teams can be configured to enable Legal Hold. This means all information in Teams is kept indefinitely so it can be saved as evidence in case your company gets involved in a lawsuit. Litigation Hold is another configuration; it stores your data even after it has been deleted. So while users can certainly “delete” their content, Microsoft will still retain copies of the data in a hidden location that only administrators can access.
Compliance Content Search allows administrators to search for information throughout Teams, including emails, documents, and chats. You can even search group mailboxes, shared calendars, and any SharePoint sites associated with the team. An administrator can find information using queries about a particular incident or legal matter, with the ability to apply filters such as case keywords, teams/channels, to/from lists, dates, sizes, message types, and file types. The search results can then be exported to an Outlook data file or PST file.
Data Loss Prevention (DLP)
Microsoft plans to leverage the work done on DLP in Exchange for the Teams arena, with plans to release this functionality sometime in 2018.
Data loss prevention identifies, monitors, and protects sensitive data. Users need to be aware that DLP enables them to manage their compliance—it does not interrupt their workflow and can even work when the user’s computer is not connected.
Advanced Threat Protection (ATP)
Advanced Threat Protection protects against spam, malware, viruses, phishing attempts, malicious links, and other threats, with increased visibility and alerts. ATP notifies you when it identifies a threat and also gives a report of any/all users involved in an incident. Microsoft plans to incorporate ATP into Teams sometime in 2018.
Specific features of ATP include:
• Real-time protection from sophisticated attacks
• Protection against unsafe attachments
• Increased visibility into potential targets
• Unsafe link blocking and URL tracing
Security and compliance are imperative in today’s world of evolving malware and data breaches, but all the red tape can sometimes get in the way of productivity. With its robust support, Microsoft Teams security and compliance features let you collaborate within and outside your organization without having to worry.
** This article was edited on May 13, 2020