Collaboration is key in our global economy. More and more companies operate location-independent across multiple countries, capitalising the advantages of online connections and real-time collaboration.
However, the productivity gains of modern technology and online collaboration platforms, such as Microsoft Teams, can quickly turn into a headache for an IT department who has to minimise security issues and risks for data leakage.
“As Teams brings together so many elements of Microsoft 365, including files, you need to make sure that your data is safe and that you structure and organise things so they are easy to retrieve”, recommends Alana Burman-Reynard, Head of Solutions at The Missing Link.
Security features to keep collaboration safe
- Microsoft offers a range of security features. The goal is to keep the collaboration platform safe with enterprise-grade security and compliance of Microsoft 365 so that everyone can work and collaborate confidently. Identity & Access Management protects identities and controls access to resources based on user risk level.
- Information Protection keeps sensitive information safe wherever it lives or travels.
- Threat Protection looks after advanced threats and minimises the aftermath of attacks.
- Security Management gains visibility and control over security tools.
- Cloud Security safeguards your cross-cloud resources.
- Microsoft Endpoint Manager keeps the modern workplace efficient.
Here are Alana's five security tips every IT department should know about:
1. Restrict applications that can be added to Teams
The App Store in Teams has numerous Microsoft and third-party applications that users can add to Teams. To ensure that applications are vetted first and stop users unwittingly sharing confidential data with a third party, we recommend implementing Teams application permission policies. Block all third-party applications and whitelist the ones you do approve. Implement a process for users to request applications to be added to the whitelist.
2. Install multi-factor authentication (MFA)
MFA forms part of the larger Microsoft 365 security, so enable MFA for your M365 tenancy to improve cyber resilience.
3. Restrict third-party cloud storage
Allowing to add third-party cloud storage providers, such as SharePoint, Dropbox, and Google Drive presents a potential data leakage issue. We recommend restricting the providers according to business guidelines.
4. Control guest access
Adding guests into Teams is a very powerful collaboration tool when working with customers and suppliers, but also poses a potential security issue. If guest access is enabled, your guests can see all your channels, files, and tabs within your team. What can you do to decrease risk with guest access?
- Restrict permissions for who can add guests. Establish a process that requires a submission request, vetting of the guest, and authorisation from a specific group of people.
- Create a team naming convention that will easily identify teams that have external people added to them - for example, preface the team name with EXTERNAL.
- Revoke guest permissions from internal teams only to ensure that a guest can't be added by mistake and to protect confidential data. Combined with a team naming convention, you can automate this process using Powershell to ensure there aren't any gaps.
- Establish a guest account process that adds and removes guests promptly.
- Implement alerts when guests are added to Teams.
5. Control which devices can access Teams
Use Mobile Device Management to ensure that only business supplied or approved devices can access Teams and Microsoft 365, which means that you prevent users from logging in from unknown or possibly compromised devices.
Need assistance in protecting your collaboration platform?
Contact us today! As one of Australia's most awarded IT companies, our team can assist you in securing your Teams.
If you liked this article, you may also like:
Our tips and tricks for Microsoft Teams
Simplifying communication through Cloud Voice
Private vs. public cloud: pros and cons