11 July 2022: MN Microsoft 365 User Group (mn365.org) | Online event
Implementing Microsoft Teams lifecycle governance to stop Team sprawl
Deep dive into the pragmatic ways to manage Microsoft Team sprawl.
Microsoft Teams has become crucial in supporting remote and hybrid working, allowing users to work, collaborate, and learn from any location and any device.
However, for many organizations, the move to Microsoft Teams was in a direct response to the COVID -19 pandemic. Often the result was a tactical rather than a strategic deployment of Teams.
This has resulted in the uncontrolled growth of Teams. Leading to unforeseen challenges such as Team sprawl, stale content, duplicate content and general user confusion. This in turn increases the risks of data overexposure and the use of shadow IT by dissatisfied users.
In this session, I will look at.
-Why does Teams sprawl occur?
-What are the biggest risks of Teams sprawl?
-Why does governance need to extend beyond technology?
-How to mitigate the risk of Team sprawl through managing your workload and content lifecycle.
2. About the Speaker
Nikki Chapple
Principal Cloud Architect
www.nikkichapple.com
https://www.linkedin.com/in/nikkichapple/
@chapplenikki
Specialising in Microsoft 365 and Teams
governance and compliance
3. Issues
The importance of the rule book
Teams creation governance
Reporting
Team lifecycle governance
Case study
14. Impact of Limiting Team Creation
App or service Experience
Outlook No option to create a group
Planner Add plan to an existing group
Project for the web Suggests using an existing group
SharePoint Still able to create a team site that is not connected to a group
Teams Create team from a group
Yammer No option to create a community
21. Sensitivity Labels for Groups, Teams & Sites
Privacy
Private
Public
User selects
External access
Internal only
Allow guests
Allow email from
guests
Yes
No
SharePoint site
sharing settings
Internal only
Existing
guests
Existing &
new guests
Anyone
Azure Conditional
Access: Access
SharePoint site
from unmanaged
devices
Full access
Web only
Block
Azure Conditional
Access:
Authentication
context
Enforce MFA
Terms of Use
App
protection
MCAS block
download
Site sharing
Owner only
Member
only folder
and sile
Member
site, folder
and sile
File sharing
default link &
permissions
Specific
people
organization
Anyone
Edit
View
22. Azure AD Group Naming Policy
• Blocked words
• Group naming
• Prefix or suffix
• Static text or User attributes
23. Customized (Build) - Request a Team app
User requests
a new Team
Create from
scratch or
template
Naming
standard &
duplicate
check
Add sensitivity
labels,
justification
Multiple
owners
Approval
If approved
Team created
Requesters
and approvers
can track
status
24. Request a Team app Demo
OfficeDev/microsoft-teams-apps-requestateam: Power Platform based solution
that allows users to request teams and automates team creation. (github.com)
27. Standard reporting – SharePoint site usage
Site Id Site URL Is Deleted
Last Activity
Date Site Sensitivity Label Id
External
Sharing
Unmanag
ed Device
Policy
Geo
Location File Count
Active
File
Count
89cf5d8f-8a4c-4a2c-82e6-
ae507c955a14 https://contoso.sharepoint.com/ FALSE 09/11/2021 TRUE None GBR 67 2
0ab16148-23f1-4643-9c18-
523f8a45055b
https://contoso.sharepoint.com/sites/L
ondon FALSE 08/11/2021 TRUE None GBR 33 1
31bcbc79-457b-4c30-ae20-
5502eb7bfb06
https://contoso.sharepoint.com/sites/M
essageCentre FALSE 08/11/2021 TRUE None GBR 1348 6
37a8ad71-459a-4811-90a4-
a745564fb626
https://contoso.sharepoint.com/sites/C
ontoso FALSE 08/11/2021
c9c61b1e-f782-4589-afe3-
ba638c508fc9 TRUE None GBR 15 1
6563c670-4dc4-4b4f-a185-
3c2bec2989a2
https://contoso.sharepoint.com/sites/R
equestATeamAdmins FALSE 08/11/2021
e3b9ced6-50ff-467c-81b5-
d36d57d078f4 TRUE None GBR 2 1
Location
• Microsoft admin center:
https://admin.microsoft.com/Adminportal/Home?source=applauncher#/reportsUsage/SharePointSiteUsageV1
Limitations
• No Teams indicator
• No Group name so cannot cross match
• Maximum period 180 days
28. Available but
fragmented
• Last active date
• Activity levels
• No of users
• No of guests
• Sensitivity labels id
• External sharing
• Geo location
Not available
• Owning BU
• No of owners
• Team type
• Required duration
29.
30. Ownerless Teams
Leaver process
• User account closed
• Cannot see if they are
owner of a group
Teams Admin
• Can scroll through Teams
and see an ownerless
team
• Cannot export or filter
Teams
33. Microsoft 365 Group Expiration flow
ReferenceMicrosoftExpiration,Expiry,Groups,O365,O365 groups,policy (microsoft.com)
Ifgroup is not renewed it expires.
Expiration will delete your Team
including chats and files
35. Azure AD Group Expiration configuration
Limitations
• Only one policy
• If you use Selected then how will you add new Teams to the policy
• Expiration will delete your Team including chats and files
36. Action
• Result of group expiration
• Owner or admin can delete
• Can restore group
Warnings
• After 30 days data is lost
Decisions
• Keep what data you need outside
of Teams
• Then delete Team
37. Action
• In-place archive
• Freeze activity
• Chat and optional Site become read only
Considerations
• Owner can still edit Teams
• Discoverable in search
Limitations
• Manual process
• Included in expiration review
• Does not reduce sprawl
38. Retention policies
Purpose
• Compliance scenarios
• Its not a backup
Action
• Retain only
• Retain and delete
• Delete only
Limitation
• Not event based unless you have E5 Compliance
licencing
Decisions
• Not all data is the same
• Where should final data be stored
39.
40. Out of the box
Governance
controls
Not available
• Duplicate team
check
• Approvals
• Ownerless groups
• Rules based
governance
Basic
• Control team creation
• Team templates
• Naming standard
• Reporting
• Expiration
• Archiving (in place)
• Retention
Comprehensive
• Sensitivity labels
41. Build - Request a Team
• Good for Team creation
• No lifecycle governance
• Complex to develop
• Lack of support
• No insights
Buy - 3rd party Team
lifecycle governance
• End to end lifecycle
governance
• User driven with
templates
• Fully supported
• Development roadmap
• Reporting and insights
44. A Company
Global organization with
multiple operating companies
25K plus users
Digital strategy: Consolidate to
Microsoft 365 & Teams
45. Start - no governance or standardization
27,000 Groups &
Teams
400 to 600
created
per month
250 TB
SharePoint
limit
reached
46. Groups and Teams governance implemented
6 months
•Group
expiration policy
renewal period
2 or
more
•Number of Team
owners required
50%
•Reduction in
Teams