Let’s Talk MS Teams: Best Practices & Lessons Learned for Teams Provisioning & Governance

By Mike Zawisza posted 08-31-2021 11:49


With over 250 million monthly active users, Microsoft Teams has become the top collaboration platform for remote and hybrid work. With a wide array of collaboration tools and deep integration with the entire Microsoft 365 suite, it’s no surprise that Teams is truly changing the way we work, collaborate, and communicate.
That being said, Teams still has its quirks and limitations that organizations need to address if they want to truly leverage their investment and get as much out of the platform as possible.
Over the last year and a half, we’ve worked with many organizations in helping them deploy and manage Teams, so we’re happy to bring you some of our best practices regarding adoption, provisioning & governance, and data protection.  
Half-hearted Adoption Isn’t the Answer 

With all of its features and the ability to integrate with other Microsoft products and even other collaboration systems, rolling out Teams can be a massive undertaking. Organizations that underestimate the resources necessary to adopt Teams may get discouraged and only use it for a few features, such as chat and meetings.
While this still adds some value, it doesn’t come close to leveraging the full value of the platform. Organizations must adopt Teams for total integration with Microsoft 365 as well as their existing systems (such as the Document Management System or DMS). This allows your organization to initiate projects through right from Teams through Microsoft’s wide array of apps. You can also plan and organize these projects and matters through your Teams and Channels. Only then will your organization begin to see why Teams is changing the game in terms of hybrid work.
Integration with your other virtual collaboration systems is huge, but in order to ensure safe and efficient collaboration between internal and external users, provisioning of your Teams Channels and workspaces is a must.
Reduce Chaos through Provisioning 
Organizations often rely on more than one collaboration platform – like the DMS, CRM, and more – to carry out matters and projects. As the number of matters grows, so too does the risk of a cyberattack.
This is because when left to their own devices, users will create numerous Teams for one matter with names and Channel structures most convenient to them. This creates immense data chaos and leaves data floating vulnerable around your systems.
When carried out across multiple collaboration systems, this practice can quickly spiral into chaos and become a nightmare for any organization’s risk, privacy, and compliance professionals. They will be lost among a sea of data, uncertain of how to locate specific projects and matters in order to assign disposition and security policies. Even worse, in the event of a cyberattack, they won’t be able to seek out affected data and respond promptly.  
To remedy this issue, organizations must create logical storage locations for users to save data through provisioning. Teams offers out-of-the-box provisioning with default templates to help provision and structure your Channels. But this method can be quite time-consuming and opens the door for human error.  

Automating this process through a software solution – like Prosperoware CAM – can help address data chaos and governance issues to mitigate privacy and cybersecurity risks. CAM enables automatic and on-demand provisioning of Teams, Channels, SharePoint sites, OneDrive folders, OneNote, Planner, Lists, internal and external users & groups, and more, with standardized naming conventions and templates to fit simple and complex use cases.    

Monitor External & Internal Users and Practice Data Protection 
If human error is the leading cause of most cyberattacks and data breaches, it’s paramount to monitor users and ensure that collaboration is not only efficient, but safe and secure as well.
While provisioning and governing your Teams workspaces helps mitigate human error, there are plenty more methods you can use to protect your organization’s data.

(Image Courtesy of Microsoft) 
Establishing a zero-trust security policy or similar model is one such solution. Through this model, users are given the least access privileges and have rights added or removed as the lifecycle of a project changes. Not only does this ensure that users aren’t accessing data they shouldn’t, but it prevents them from haphazardly inviting other external users to join the fray as well.
Another tentpole of data protection is creating an archive of your organization’s most sensitive data in Azure or AWSwith security & metadata stored in a separate solution, such as Prosperoware CAM. In the event of a breach, your organization can use a One-Time Password (OTP) to access these important files and maintain business continuity.  

Finally, organizations should also engage in data minimization. This practice entails deleting data that is no longer necessary or serves no business purpose. It reduces storage cost because you don’t have to pay for it. And not only that, deleting excess data cuts down on the number of files available for hackers to poach.

When it comes to effective data protection, less data and access privileges means less risk.

How Prosperoware Helps 
Prosperoware CAM is a Software-as-a-Service platform (SaaS) for adoption and governance of collaboration systems. It allows organizations to provision, classify, protect, move, and minimize data, mitigating data chaos and reducing risks related to privacy & cybersecurity.
CAM enables organizations to create logical locations for users to place data. It provides rich custom metadata, empowering users to locate documents, and risk management teams to understand business context in order to apply the right security & data minimization policies.
CAM integrates with Microsoft 365 (Microsoft Teams, SharePoint Online, OneDrive, OneNote, Planner, Lists), iManage, NetDocuments, HighQ, and more to come.
Here is what CAM can do for you:
- Provisioning of workspaces, Teams, Channels, Lists, users & groups, and folders from Project Portfolio Management, CRM etc., or through a human workflow using readily available templates.

- Rich, custom metadata for project or document context.

- Unified project directory for content location for end users and risk management teams.

- Provision automatically or on-demand internal & external users, manage permissions across collaboration systems, and integrate with leading ethical wall systems.

- Data Loss Prevention (DLP) with activity monitoring and bulk security & metadata changes.

- Data protection by creating a separate archive of documents to access in case of incidents.

- Minimize data by setting automatic data disposition policies or apply litigation hold.