Why We Are Securing Microsoft Teams by Restricting Public Team Creation
Overview
Microsoft Teams is a powerful collaboration platform that enables seamless communication and file sharing. However, unrestricted creation of public Teams groups can introduce significant security and compliance risks. To safeguard our environment, EIT will be restricting public Microsoft Teams creation to administrators only.
Key reasons for this change
1. Protecting Sensitive Information
Public Teams are visible to all users within the organization. Without proper oversight, confidential data could be inadvertently exposed. By restricting to administrator creation, we ensure that only appropriate content is shared in public spaces.
2. Reducing Risks
Uncontrolled public group creation can lead to fragmented collaboration and unmanaged data repositories. This increases the likelihood of non-compliant practices and makes it harder to enforce organizational security standards.
3. Compliance and Governance
SMU must adhere to strict data protection and privacy regulations. Admin-controlled creation allows us to:
- Apply naming conventions and classification labels, if necessary.
- Maintain audit trails for accountability.
4. Preventing External Access Vulnerabilities
Public Teams can be configured to allow guest access. Without oversight, this could result in unauthorized external users gaining visibility into internal discussions. Admin intervention ensures guest access is properly vetted and approved.
5. Aligning with Microsoft Best Practices
Microsoft recommends limiting public team creation to reduce exposure and maintain governance. Recent updates emphasize stronger admin controls for Teams resource accounts and permissions, reinforcing the need for centralized management.
How This Policy Works
- Default Setting: Users can create private Teams without administrator intervention.
- Public Teams: Requests for public Teams creation or conversion of Private Teams to Public, can be submitted through the EIT Help Desk.
- Review Process: Requests are reviewed for compliance, security, and business justification before enabling creation or conversion.
Benefits to Users
- Enhanced security for organizational data.
- Consistent structure for collaboration spaces.
- Reduced risk of accidental data leaks.