Microsoft Teams: Compliance

Posted by Dan St. Hilaire  /  April 11, 2019  /  Microsoft Office, Microsoft Office Teams, Microsoft 365   —   No Comments ↓

Team Discussing GDPR

Microsoft Teams: The Future of Workplace Collaboration

I’m proud to say that I was an early adopter of Microsoft Teams. Now it seems every day I am engaging with people using the tool, both internal staff and external clients. Even as a guest on Teams I have been able to collaborate around projects that clients have created in their tenant. My clients are experiencing firsthand how Microsoft Teams can replace email and become the primary hub for where we work together. Teams has also become an effective tool at jump-starting client awareness into how workflows can be optimized so they are more efficient in all aspects of business. Microsoft Teams offers all businesses an incredible opportunity to increase teamwork through a collaborative, modern, streamlined application.

In my role at KnowledgeWave, I’m often in routine contact with our Managed Service Provider (MSP) channel partners. A common concern we hear from partners and their clients is about compliance within Microsoft Teams. They love the idea of Teams but fear meeting compliance requirements. They want to know how they can manage compliance within Teams, which is a very valid concern especially to those in the financial services and healthcare industries. Due to regulations like HIPAA, MiFID II, FINRA Rule 3110, and GDPR, these firms must ensure they capture, store, and manage access to digital communications internally between employees as well as externally with customers, partners, vendors or regulators. 

Microsoft Compliance Center

A theme I hear in most of my engagements is a lack of awareness around the Microsoft Compliance Center. More specifically, the features and benefits the Compliance Center provides in addressing business compliance requirements. Microsoft Senior Program Manager, Thomas Binder hosted a Coffee in the Cloud session on this topic and touched on many compliance concerns that I hear about regularly. If you haven’t yet visited the Coffee in the Cloud YouTube page, jump over there now and subscribe. Binder did an amazing job highlighting how communications and documentation shared within Teams is managed to meet compliance requirements.

If you’re asking, “How do we manage compliance with Microsoft Teams”, watch the excerpt below from Binders presentation Keeping your Data Compliant. You can see the full video on Security and Compliance for Microsoft Teams on the Coffee in the Cloud YouTube channel.

Binder has many great examples and explains how chats, messages, and shared files can be audited. Additionally, he discusses how businesses can use eDiscovery to review content. He also covers retention and proactive options that enable organizations to supervise content by reporting on keywords. After watching the video, you will better understand the Microsoft Teams compliance boundaries. Specifically, Binder spends time reviewing compliance options available that include Auditing, Content Search, Hold, eDiscovery, Supervision, and Retention. In this 20-minute excerpt, he shares solutions to meet compliance requirements.

 

Microsoft Teams Compliance

 

After you’re set with compliance, you will need to drive adoption of Microsoft Teams. KnowledgeWave can help your business drive acceptance around Microsoft Teams and other Office 365 Tools.

New call-to-action

If you are interested in formal training for the Microsoft Security and Compliance Center, I would recommend the following courses for you or your IT support team. Remember, IT itself does not drive policy, they implement and support the policy per the requirements. If you are serious about compliance you need to train staff to implement and support your compliance requirements using the Microsoft Security and Compliance Center. 

These 2 courses will help ramp up anyone who supports security and compliance in their organization:

  • Microsoft 365 Security Management
  • Microsoft 365 Compliance Management. 

KnowledgeWave runs these live classes twice per month and they can be attended remotely. Please contact us for dates at 800-831-8449. 

MS101T01 Microsoft 365 Security Management

Course Overview

Learn about Office 365 Management in this one-day courses, including key components of Office 365, how to move your organization to Office 365, how to configure Office 365, and how to manage Office 365 ProPlus deployments.

Who Should Attend

This course is designed for persons who are aspiring to the Microsoft 365 Enterprise Admin role and have completed one of the Microsoft 365 workload administrator certification paths.

Course Objectives

After completing this course, students will be able to:

  • Manage Security Metrics.
  • Implement Security Solutions in Microsoft 365.
  • Plan and configure Azure AD identity protection.
  • Implement Microsoft Secure Score.
  • Implement Exchange Online Protection.
  • Implement Advanced Threat Protection.
  • Manage Safe Attachments and Safe Links.
  • Implement Microsoft 365 Threat Intelligence.
  • Use the Microsoft 365 Security Dashboard.
  • Configure Advanced Threat Analytics. Implement Cloud Application Security.

Course Outline

1 - DESIGNING YOUR MICROSOFT 365 TENANT

  • Planning a Microsoft 365 On-premises infrastructure
  • Planning Your Identity and Authentication Solution

2 - CONFIGURING YOUR MICROSOFT 365 TENANT

  • Planning your Microsoft 365 Experience
  • Configuring your Microsoft 365 Experience
  • Leveraging FastTrack and Partner Services
  • Implementing Your Domain Services

3 - MANAGING YOUR MICROSOFT 365 TENANT

  • Configuring Tenant Roles
  • Managing Tenant Health and Services
Interested in Microsoft Teams? Try an Introductory Workshop!

MS-101T02 Microsoft 365 Compliance Management

Course Overview

In this two-day course, you will learn about Microsoft 365 Compliance Management, including data retention and data loss prevention solutions in Microsoft 365, archiving and retention in Microsoft 365, implementing and managing data governance, and managing search and investigations.

Who Should Attend:

This course is designed for persons who are aspiring to the Microsoft 365 Enterprise Admin role and have completed one of the Microsoft 365 workload administrator certification paths.

Course Objectives

After completing this course, students will be able to:

  • Understand Data Governance in Microsoft 365, including Archiving, Retention, Information Rights Management, Secure Multipurpose Internet Mail Extension (S/MIME), Office 365 Message Encryption, Data Loss Prevention.
  • Implement In-Place Records Management in SharePoint.
  • Implement archiving and retention in Exchange.
  • Create retention policies in the Security and Compliance Center.
  • Plan their security and compliance needs.
  • Build ethical walls in Exchange Online.
  • Create a DLP Policy from a Built-in Template.
  • Create a Custom DLP Policy.
  • Create a DLP policy to protect documents.
  • Implement policy tips Manage retention in email.
  • Troubleshoot data governance.
  • Implement information protection.
  • Implement Advanced Implementation Protection.
  • Understand Windows Information Protections.
  • Search for content in the Security and Compliance Center.
  • Audit log investigations.
  • Manage advanced eDiscovery.

Course Outline 

1 - INTRODUCTION TO DATA GOVERNANCE IN MICROSOFT 365

  • Introduction to Archiving in Microsoft 365
  • Introduction to Retention in Microsoft 365
  • Introduction to Information Rights Management
  • Introduction to Secure Multipurpose Internet Mail Extension
  • Introduction to Office 365 Message Encryption
  • Introduction to Data Loss Prevention

2 - ARCHIVING AND RETENTION IN MICROSOFT 365

  • In-Place Records Management in SharePoint
  • Archiving and Retention in Exchange
  • Retention Policies in the SCC
  • Implementing Your Domain Services

3 - IMPLEMENTING DATA GOVERNANCE IN MICROSOFT 365 INTELLIGENCE

  • Planning Your Security and Compliance Needs
  • Building Ethical Walls in Exchange Online
  • Creating a Simple DLP Policy from a Built-in Template
  • Creating a Custom DLP Policy
  • Creating a DLP Policy to Protect Documents
  • Working with Policy Tips

4 - MANAGING DATA GOVERNANCE IN MICROSOFT 365

  • Managing Retention in Email
  • Troubleshooting Data Governance
  • Implementing Information Protection
  • Implementing Advanced Information Protection
  • Introduction to Windows Information Protection

5 - MANAGING SEARCH AND INVESTIGATIONS

  • Searching for Content in the Security and Compliance Center
  • Auditing Log Investigations
  • Managing Advanced eDiscovery

Still in the early stages of deploying Office 365? Make sure to get our Office 365 User Adoption Checklist. One section included specifically addresses what’s needed around Office 365 Governance. Content creation can be explosive with Office 365. Reviewing this check list will help you identify and think about challenges like managing and controlling sprawl as your users store more content in the cloud while beginning to leverage tools like Microsoft Teams to drive collaboration. 

Click here to schedule a call for your own Adoption Planning Checklist

You might also like these related Microsoft Teams blogs:

Topics: Microsoft Office, Microsoft Office Teams, Microsoft 365