3. Session Objectives
During this session we will look at the
compliance components for Microsoft
Teams, which include:
ď§ Retaining and holding data (data storage | retention | eDiscovery & holds)
ď§ Information and communication protection (data loss prevention | information
barriers | communication compliance)
ď§ Auditing
6. What do you want to retain?
⢠Conversations
⢠Chats
⢠Files/documents
⢠Private channels
Policy based retention
Make sure to create a policy for both
Teams and the SharePoint Online sites.
Donât forget the private channels site-
collections if you need these as-well.
eDiscovery
⢠eDiscovery cases
⢠Content search
Microsoft Teams compliance
Retaining information and conversations
7. Cosmos DB
Chatâs and conversations are stored in memory (for quick
retrieval) and Azure Cosmos DB.
Media and other items
Images and other media are stored in Microsoft Teams
Content Delivery Network or CDN.
Whatâs not recorded?
Reactions (likes) | Recordings of audio messages |
Code snippets in conversations | Private channels.
Exchange Online or on-premises
For eDiscovery and legal holds, a substrate of chatâs and
conversations are stored to the email boxes in Exchange.
These contain links (for example to shared files), the message
subject and the people in the chat.
Microsoft Teams compliance
Anatomy of a conversation
8. Exchange email boxes
The conversationâs compliance records are
stored in a hidden folder under the
Conversation History folder. This folder is
named Teams chat. During retention the
conversations are moved to the hidden
folder SubstrateHolds
Substrates
These are represented using an e-mail. You
can open these using MFCMapi.
Teams chat folder
This folder is hidden from the GUI. But you
can access it using MFCMapi.exe
(https://github.com/stephenegriffin/mfcmapi/releases/latest)
Microsoft Teams compliance
Anatomy of a conversation
9. Channels
Every channel is represented by a folder in the
SharePoint siteâs document library. Private
channels are separate SharePoint sites.
Other locations
If allowed, other locations can be added for
files. These will not be covered by Microsoft
365, unless you use Microsoft Cloud App
Security (to a certain extend).
Chat
Files are stored in the senderâs OneDrive.
Permissions are added so that the recipient(s)
can access the files (these can be changed).
The files are stored in the folder Microsoft
Team Chat Files.
Use PowerShell to get all (private) channels
Get-Team and Get-TeamChannel -GroupId -MembershipType Private
Get-SPOSite -Limit All -Template "TEAMCHANNEL#0"
Microsoft Teams compliance
Anatomy of document storage
13. Data loss prevention
Acts on conversations and chats;
You can use keywords or sensitive information types;
Conversations are blocked.
Classification labels
Uses Sensitivity Labels;
Manage the external access and sharing option;
Manage the privacy setting of a Team.
Information Barriers | Communication compliance
Protect against sharing and using specific information
in communications
Microsoft Teams compliance
Information and communication protection
15. Teams
The barrier acts when:
- Members are added to a team;
- A new chat is requested;
- A user is invited to join a meeting;
- A screen is shared between two or more users;
- A user places a phone call (VOIP) in Teams;
SharePoint site segments
Share with "Anyone with the link" is disabled;
Sharing only with people in the segment;
New users can only be added when the segments
match.
Components
Segments | Policies | PowerShell (Security & Compliance) â
GUI is coming | Microsoft 365 E5
Microsoft Teams compliance
Information Barriers
17. Insider risk management
Set-up a policy to check for unwanted or undesirable
communications;
Can be set to âanonymousâ to protect privacy;
Users need to be added individually or using groups.
Channels and chat
Includes public and private channels and individual
chats;
Uses sensitive information types, keywords or trainable
classifiers.
Microsoft Teams compliance
Communication compliance
20. Wrap up
ď§ Microsoft Teams is user-friendly, but complex
ď§ Beware the licensing (information protection, eDiscovery and
more)
ď§ Private channels are still an issue
ď§ Donât forget the security & governance baseline for Teams
ď§ https://docs.microsoft.com/en-us/microsoft-
365/solutions/collaboration-governance-
overview?WT.mc_id=EM-MVP-5003084