How to set up Microsoft Teams for security and compliance

Hello. This is Susan Bradley for CSO Online. Today I’m going to talk about Microsoft teams. If you’re a Office 365 Pro Plus user you’ve probably seen teams rolling out you. In the month of July, Microsoft included it in the monthly channel. For the rest of you guys, you actually have a drop dead deadline to rollout teams. For those of you currently using Skype for Business you face a deadline of July 30 1st 2021 to upgrade to teams. So what is teams? It’s a collaboration platform. It’s a chat platform. We’d like to call it Facebook for business. But just like Facebook there’s some security and some compliance guidance you want to follow before you won’t roll it out. And of course I would be remiss if I didn’t tell you how to stop the teams up automatically starting on Windows. And here’s a blog post by Tony Redmond on how to do that. For some people they don’t want to use teams because they’re very light users of of word or outlook. But for others you want to embrace teams. Just like with many things in Office 365 depending on what license you have means that you have the ability to control certain things. For example if you want to set rules for team and channel naming or set policies including rules for prefix suffix custom blocked words you’ll need an Azure P1 license. If you have a basic that won’t be enough in order to set these policies. Some settings also have H.R. impact for example. Even with the basic policy setting of Azure AD you can set a policy that team members that they can either edit or not edit sent messages and or delete messages. In order to set that you go into the team’s Admin Center dashboard. Click on teams. Click on manage teams. Highlight the team in question and click on edit on the right hand side you’ll see selections for conversations and channels and by default it set that team members can edit sent messages and delete sent messages. Now obviously depending on your circumstances you may not want that to occur. You may want to have a policy that says Nope sorry once you send them you can’t delete them. So again think of these policy settings before you start to rollout out teams. Here’s another setting and teams that I highly recommend. But I want to show you that you may not see it depending on your license. For example I’m in the normal Office 365 business license. And normally I recommend that you go in to Office 365 threat management settings and look to see what policies you have. And one of them I recommend is Office 365 ATP. Notice in this subscription I don’t have the ability to turn on ATP safe attachments. Why? Because I’m not licensed for it. So. you can add it on as an additional license or you can choose a subscription from the get go that has that ability. So here I am in another subscription that I have. And I want you to go down to threat management. Policy. And notice I do have ATP attachments here and we want to set that out first for Teams. Click on the tile. And you want to make sure that turn on ATP for SharePoint one drive and Microsoft teams is enabled. Again if you don’t have it I highly recommend that you discuss the options to upgrade to it. Because I really suggest that ATP is on for all Office 365 plans. Two more settings that I highly recommend includes external access and cloud settings. So first on external access I want you to go to the team’s Admin Center. And I want you to go to the organization wide settings down here. And first click on external access. And decide whether or not you want to have external domains connecting to your Skype for business or teams depending on your organization. You may not want that. You may want to set that to off. Here’s also guest access again by default guest access is off. You may or may not want to set that. Next I want you to go down to team settings. And scroll in this area to see what other settings you want to have. You may want to disable some fat file sharing and cloud file storage options in the files tab. You may want to turn off share file Dropbox box and Google Drive. Discuss this in your organization. Set the policies accordingly. Bottom line teams can provide a great way to. Introduce productivity and much more communication in a firm it can provide chat shared calendars you can use it for calls you can share files. But you can also introduce some security and compliance issues. You want to make sure you take the time to plan for your rollout and building security and compliance from the get go. So until next time this is Susan Bradley for CSO Online. Don’t forget sign up for the TechTalk channel from IDG for the tech news of the day. Thank you again.