Microsoft Teams governance best practices

By Matthias Einig

Microsoft Teams is the hub for teamwork within Microsoft 365. From Meetings, calling, and chat, to content collaboration, apps, and workflows, users are fast becoming accustomed to the productivity Teams provides. Rapid adoption means many are needing to address Microsoft Teams governance retrospectively.

Here are your definitive Microsoft Teams governance best practices to help you stay in control and maintain security in your collaboration platform.

IT Departments are now playing a crucial role in securely facilitating remote collaboration. With unsuspected growth at the turn of the year, Microsoft’s Teams team has seen 20x the meeting minutes, 115 million active daily users, and 600% growth in the Teams platform. These numbers are not slowing down.

Securing data is one key priority, as remote working can leave admins and platform owners feeling out of control as users work flexibly across multiple devices, compared to traditionally having everything secured in a single location.

It’s crucial to bring back control, and Microsoft Teams has enterprise-level security compliance and manageability to help, but you need so much more. First, you must also have a clear understanding of who is responsible when it comes to securing and governing your environment.

Understand the shared responsibility model

Security and compliance are a shared responsibility between your organization and Microsoft. The objective is to classify and detect sensitive data, so you protect IT.

Microsoft teams governance best practices in-text image 2

Responsibility is divided between Microsoft and organizations accordingly. It is Microsoft’s job to protect the service, in this case, Teams, while organizations must protect data, identities, and devices. Together you work towards increasing your compliance and security position.

Create a shared responsibility model in-house

Information governance has three stakeholder groups:

Business information workers:

  • where most of the teamwork happens.

Legal risk, compliance, and governance teams:

  • who understand the laws and legislations of the business.

IT Teams:

  • who control, implement, and configure with the security and retention of information in office 365.

You need to make sure each of these groups buys into your governance approach and understand where responsibility lies. The line of communication needs to be clear.

Do not apply a blanket governance approach

Not all teams are equal in an organization, and you cannot classify all Teams with the same governance approach. However, not doing so is incredibly challenging.

A lot of collaboration happens within departments, and this is where Team sites become more unstructured and harder to track. It’s important that your governance approach mirrors the needs of your users and is flexible enough so users can still reach business goals.

Provide consumable governance

Another reason why governance plans become ineffective is the way they are presented. Traditionally, a governance plan is one large document with many pages. No one wants to read it. Therefore, the governance plan becomes useless.

If you want governance to be effective, it needs to be consumable and easily accessible. Remember: the reason we need a governance plan is to be able to achieve our business goals.

Build a resource centre

Building a resource centre makes it easier to consume your governance plan. Your resource centre should be easy to navigate and include learning materials and training resources, which foster training and user adoption.

This approach to governance information architecture and user adoption will serve better than a traditional governance plan because it will be more user friendly, less daunting, and effective at reaching business goals.

Scale governance through automation

Microsoft is adjusting and creating cloud services that help you successfully navigate the current digital transformation challenges.

Microsoft teams governance best practices in-text image 4

Governance must evolve with Microsoft and facilitate administrators and platform owners with a way to navigate their own continuously growing environments and stay in control – a challenge many understand and who are searching for solutions.

Automating arduous manual tasks that are related to governance operations is the next step to keep pace with Microsoft innovations. Let’s look at that in more detail.

Data collection automation

Discovering information to understand your Teams environment quickly is a challenge. Many need a way to create an automatic inventory of unused sites, orphaned resources, and things that violate your governance rules. Having information like this instantly and visualized through dashboards means you can be agile and act quickly to ensure governance and security in your Microsoft Teams environment.

Aggregating and reporting automation

Creating reports is a top priority. Individuals want to give stakeholders a report on the current governance situation, which is easy to decipher.

Replacing this manual process by automatically generating and grouping reports tailored to various stakeholders means you can easily schedule reporting cycles containing the latest reports and dashboards on a daily, weekly, or monthly basis.

Automate fixing and delegating tasks

People want their governance plans to be actionable in the most optimal way. For instance, if there is an inactive site that hasn’t been used in the last sixty days, and you would like permission to delete or archive it, this action must align with existing business processes and be acted upon swiftly.

Automatically identifying and getting in touch with users after critical activity by integrating into Power Automate, Teams, or Email means you can swiftly act and solve governance violations.

If you are looking to scale you governance approach, I recommend looking into Rencore Governance. It provides flexibility and efficiency by bringing automation to Microsoft 365 governance.

Matthias is a Microsoft MVP, co-founder, and CEO at Rencore. Originally published HERE