Many teams are required by law or corporate policy to adhere to security and compliance regulations, but this can often complicate document management and sharing. Fortunately, Office 365 apps like Microsoft Teams come equipped with enterprise-grade security and compliance support. Let’s take a look at how Microsoft Teams security and compliance features protect your data and ensure your company complies with regulations.

 


 

Certifications

Microsoft’s compliance framework consists of four tiers: A, B, C, and D. Microsoft Teams is currently Tier-C compliant, which means it adheres to the following standards:

• ISO 27001
• ISO 27018
• SSAE16
• SOC 1 Type I and II
• SOC 2 Type I and II
• HIPAA
• FERPA
• GLBA
• EU Model Clause (“EUMC”)

Microsoft is working on making Teams Tier-D compliant; Tier D includes FedRAMP, which covers federal government data centers. Microsoft conducts a yearly internal audit followed by an external audit to make sure it complies with these certifications.

Archiving

Content stored in Teams is preserved according to your corporate policy. Archived information includes the following:

• One-on-one chats
• Group chats
• Channel messages
• SharePoint files
• OneNote content
• Wiki content
• OneDrive for Business communication

Teams leverages the existing Office 365 archive management tools used for email and SharePoint files. Team chats and channel messages are archived using Exchange Online storage; one-on-one and group chats are archived in individual mailboxes; and channel messages are archived in group mailboxes.

Exchange Online Protection

Exchange Online Protection (EOP) is an email-filtering cloud service that regulates spam and malware, with layers of protection distributed globally across Microsoft data centers. On top of its basic functionality, EOP also lets you generate domain-specific traffic reports, block specific senders, and preview quarantined messages.

Conditional Access

Teams restricts access to data to only those devices that are allowed under your organization’s policies. Conditional access regulates:

• Multi-factor authentication
• Compliant or domain-joined devices
• Blocking access to a service by IP addresses or user location
• Targeting specific users within your company
• Targeting specific Microsoft apps

Moderator Support

In Teams, the owner or moderator has the ability to delete any content that is deemed inappropriate and mute any user who fails to comply with your corporate policy. This feature was first suggested by users in the education realm. But when it was proposed to enterprise users, it was just as popular.

Admin Support

An administrator provides support for maintaining third-party apps as well as creating custom integrations. These apps include bots, tabs, and connectors. In addition, administrators have access to the system-wide settings in the Admin Center, enabling them to fully support enterprise users.

Windows Information Protection (WIP)

Formerly known as Enterprise Data Protection (EDP), Windows Information Protection (WIP) secures enterprise apps such as Teams against data leakage. WIP can classify all data as enterprise or personal at a user level. WIP can also restrict the copying or downloading of enterprise data and only allow permitted apps to access enterprise data. It can encrypt all enterprise data while at rest and protect it from being disclosed to public places or removable media such as jump drives.

Auditing and Reporting

The Office 365 Security and Compliance Center has built-in audit logging capabilities. However, these are turned off by default. When the feature is enabled, Teams will send alerts and reports of auditing events.

Location

Your Teams data is stored in the primary region where your team operates. Certain countries require companies to keep their data locally, so this helps them comply with federal regulations. If needed, your data can also be transferred to other locations without any user input needed. For example, if your data is on the east coast and a hurricane is barreling towards the U.S., your data can easily be transferred elsewhere.

Legal and Litigation Hold

Microsoft Teams can be configured to enable Legal Hold. This means all information in Teams is kept indefinitely so it can be saved as evidence in case your company gets involved in a lawsuit. Litigation Hold is another configuration; it stores your data even after it has been deleted. So while users can certainly “delete” their content, Microsoft will still retain copies of the data in a hidden location that only administrators can access.

Search Content

Compliance Content Search allows administrators to search for information throughout Teams, including emails, documents, and chats. You can even search group mailboxes, shared calendars, and any SharePoint sites associated with the team. An administrator can find information using queries about a particular incident or legal matter, with the ability to apply filters such as case keywords, teams/channels, to/from lists, dates, sizes, message types, and file types. The search results can then be exported to an Outlook data file or PST file.

Data Loss Prevention (DLP)

Microsoft plans to leverage the work done on DLP in Exchange for the Teams arena, with plans to release this functionality sometime in 2018.

Data loss prevention identifies, monitors, and protects sensitive data. Users need to be aware that DLP enables them to manage their compliance—it does not interrupt their workflow and can even work when the user’s computer is not connected.

Advanced Threat Protection (ATP)

Advanced Threat Protection protects against spam, malware, viruses, phishing attempts, malicious links, and other threats, with increased visibility and alerts. ATP notifies you when it identifies a threat and also gives a report of any/all users involved in an incident. Microsoft plans to incorporate ATP into Teams sometime in 2018.

Specific features of ATP include:

• Real-time protection from sophisticated attacks
• Protection against unsafe attachments
• Increased visibility into potential targets
• Unsafe link blocking and URL tracing

Security and compliance are imperative in today’s world of evolving malware and data breaches, but all the red tape can sometimes get in the way of productivity. With its robust support, Microsoft Teams security and compliance features let you collaborate within and outside your organization without having to worry.


Written by Sophie Furnival, Marketing Communications Manager @ SherWeb
