Five Good Practices to Keep Your Microsoft Teams Content Safe

by | Oct 8, 2020 | Blog, Compliance

Security is always a major factor for any IT department.

According to Accenture, 68% of business leaders feel their cybersecurity risks are increasing and Varonis find that on average, only 5% of companies’ folders are actually properly protected.

Some of the most common attacks include phishing, whaling, social engineering, Distributed Denial of Service (DDoS) attacks, malware and ransomware. And worse still, there are new malware and viruses being discovered every day. Varonis recently discovered the Monero cryptojacking malware during a cryptojacking investigation that secretly plagued a company for over a year.

With remote working back in vogue again, communication and collaboration are key. In these challenging times, many organisations have experienced rapid and sometimes hasty adoption of Microsoft Teams. So, how secure are your Microsoft Teams? And how can you keep your content within Microsoft Teams safe?

In this blog post, we discuss five best practices to help boost the security of Microsoft Teams in your organisation.

1) Understand how Microsoft Teams deals with cybersecurity breaches – and the loopholes

Microsoft Teams uses the Private Key Infrastructure (PKI) features that are available in the Windows Operating System to protect all the key data used for encryption for the Transport Layer Security (TLS) connections.

This is leveraged to manage various potential cybersecurity breaches, such as network Denial of Service attacks, eavesdropping, identity or IP address spoofing, Man-in-the-Middle attacks, as well as RTP replay attacks, spam, viruses and worms.

As Teams is designed with an open permissions model to promote user agility, collaboration and efficient communications, it can be challenging for IT departments to track and control app usages, as well as the management of data lifecycles and potential data leakages.

The key is the ability to strike a balance between enabling communications and sharing files in an open, collaborative environment, while adhering to strict security protocols – such as HIPAA and PCI DSS security compliance standards – that can encroach on this very openness.

Our recommendation is to set up an information protection architecture (ideally before you roll out Microsoft Teams across your organisation) to prevent possible data leakages and help adhere to legal and compliance requirements.

There are several out-of-the-box features in Microsoft 365 to help you with this, such as:

  • leveraging eDiscovery features
  • creating content search functionalities using rich filters
  • creating data retention policies to help classify sensitive content
  • enabling Advanced Threat Protection (ATP) features
  • setting up Data Loss Prevention policies to automatically block unauthorised users from sharing content
  • configuring backups
  • setting up automated content labelling policies

2) Establish a centralised or global Teams management group to determine user access permissions

Once you have created the information protection architecture that is bespoke to your organisational requirements, another way to effectively handle security is by establishing a centralised or global management group within Teams, where users have exclusive permissions to configure the overall settings across the organisation.

These permissions include:

  • creating new groups and teams
  • setting up Multi-Factor Authentication for users to log into their Microsoft Teams accounts (more on this later)
  • setting permissions for users to communicate with individuals outside the organisation and providing guest access to those who are meeting or working temporarily
  • setting authentication requirements for downloading content shared within meetings in Teams
  • enabling or disabling file-sharing and cloud storage facilities on a per-user basis

3) Set up Multi-Factor Authentication

Gone are the days where passwords alone are enough to protect systems from security breaches!

Multi-Factor Authentication (MFA) is the process through which users are required to provide additional credentials, such as a security code sent to them on their mobile device, a fingerprint, or biometric data, in order to log into a system.

MFA can be set up within your Microsoft 365 package and this will include Teams; thereby helping your IT department stay in better control of tracking who is – and who shouldn’t be – accessing Teams (and all the content shared and stored within it) across your organisation.

In Microsoft 365, you can enable MFA on both a blanket-wide, organisational level, or on a per-user basis.

4) Audit user activity and external content sharing

There is also a number of supervision policies available in the Microsoft Teams Admin Center that can help your IT department keep tabs on user activity, such as:

  • the devices and times users log in and out of Teams
  • their Chats, in both one-to-one conversation windows and Teams Channels
  • the content they are sharing both internally and externally

Usage can also be monitored through the various built-in analytical reports, available in the Microsoft 365 Admin Center and Power BI.

Other steps your IT department can adopt to keep the content in Microsoft Teams safe are:

  • consult with stakeholders to determine the level of privileged access users should be given across Microsoft 365, including Teams, as well as creating different Channels, Groups and Teams to help structure and regulate communications and collaboration
  • prevent users from downloading files to unmanaged or unregistered devices
  • audit external sharing by granting and limiting permissions to certain users

5) Classify sensitive data and content

Content that contains sensitive information, such as banking, medical and other confidential data, is likely to be bound by governmental data protection laws and regulations from compliance bodies.

Microsoft 365 enables your organisation to automatically label and classify such content with sensitive and retention labelling so that such content need only be accessed by authorised users. It can also inform on when the labels on such content will expire and how long it needs to be retained.

You can classify sensitive data and use Microsoft Information Protection to keep sensitive data across your environment secure regardless of where it’s stored– including Microsoft Teams – or how it’s shared.

If you need any support with your security for Microsoft Teams, ProvisionPoint can help, get in touch today.