There are various ways to protect a company from a data protection crisis. Microsoft Teams is a popular tool that makes collaboration within and outside your own business easy. However, this must of course run on a secure level.

To come back to our headline: Yes, Microsoft Teams is secure if I give employees and guest users the right boundaries. What these are is of course different for every company.

Microsoft has set up various levels to ensure data security. Let’s take a look at a few of them:

Log in

Probably the best-known security risk is the sticky note with access data and passwords. Such information can often be found on the back of employee ID cards. Only each individual can change this.

> What the company can do, however, is request multi-factor identification. The best way to do this is with the Authenticator app. This is also part of the Azure Active Directory and is therefore secure. When logging in, confirmation can be requested via the app. Other login options that are more secure than a password are, for example, WinHello or an FIDO2 key.

> Once you have successfully logged in, you should check that you really are who you say you are before you can use Teams:

Is the registration from a country/region where there is no employee? Is it an unknown device? Was the change of location between logins too fast? Does the device used to log on meet the company’s requirements?

> Once the application has been checked, it must be decided how to proceed: Does he now have free access to everything or only limited access? Or should access be blocked?

The restricted access in particular will be of interest to many. For example, the user could only open documents in the web browser, but not save them.

These rules must be created in the Active Directory. You can find some additional information on the Microsoft Build page.

External employees and guest users

> Since Teams, as already mentioned, is also practical for working with external employees, many companies create an account for them in the Active Directory, with access to SharePoint etc. To make working with external employees more secure, it is better to invite or create them specifically as guests. This way, no access data can be passed on to a 4th person.

> If I only want to share a specific file with an external person, I can do this using the share function. However, the company can also specify here that sharing with a private e-mail address is not permitted. The guidelines for guests and external users are regulated here:

Application security

> To make the app really secure, Microsoft has also developed Microsoft Endpoint Manager. Microsoft Intune is part of this. Here you can manage both mobile devices and the apps themselves. This allows you to regulate what can be done via which app. Intune separates personal and company data from each other. For example, you cannot copy anything from a company file and paste it into a private file. Simply set up protection for apps in Intune .

> Across all Microsoft 365 applications, there are guidelines for preventing data loss. These policies are practical in that they can be filtered specifically for sensitive information, both locally and across the entire bandwidth of ‘365, and direct action can be taken if they are exceeded. This can take the form of blocking the content and user, for example, in conjunction with a notification to a superior. It is also possible to determine how long information is retained. And it can be trained. You might get a lot of similar notifications that turn out to be wrong because the handling of the data was necessary. The guidelines can be adapted accordingly. With Microsoft Docs you can find all the possible guidelines.

Meetings in teams

Some people worry about the safety of meetings, especially in teams.

> The Meeting ID consists of a complex ID that is always newly generated. According to Microsoft, there are around 1e86 possibilities for a meeting ID. Guessing these is probably very unlikely.

> To further improve the security of meetings, the meeting guidelines in teams should be adapted:

> There are extra meeting options for each meeting that can be customized if desired. Those responsible should be advised to always customize these options for a new meeting.

This was just a small excerpt from the respective settings that can make Teams an even more secure platform. It is really up to each company to decide exactly which guidelines should be applied. But it is important to evaluate these regulations from time to time. This is the only way to ensure long-term data security.

More information about Microsoft Teams or the Admin Center? Simply leave a message using the contact form and we will provide you with information!

We have taken these details from an English-language video from the tech community.