There’s a wealth of advice on Microsoft Teams governance out there, but it can quickly get overwhelming. Whether you’re just getting started or looking to refine your approach, these eleven best practices are practical approaches that have proven to be effective for my clients, and they will certainly improve your Microsoft Teams implementation.
1. Take an agile approach to Teams governance
Effective governance starts with policies that everyone can follow without the need to refer to a manual. If you can’t remember the rules easily, they’re probably too complicated.
Avoid spending too much time planning Microsoft Teams policies and guidelines before implementing them. Real-world testing always beats hypothetical planning – especially with Microsoft Teams. Let the way your company uses Teams guide its evolution. Remember, you can always rename your teams and channels, archive teams, add new teams and so on. Nothing is set in stone!
Engaging with end users through surveys or feedback forms provides invaluable insights into how Teams is being utilized across your organization and allows you to continuously improve upon its implementation.
2. Stay flexible! One size doesn’t fit all
It’s important to empathize with diverse work styles. Different teams have different needs, and a one-size-fits-all policy can lead to confusion rather than clarity.
For example: the directive to “create a new channel for discussing each new topic” may not suit all working groups. Some departments may work best with many well-organized channels; others may be overwhelmed with more than 1 or 2 channels in a team.
Another area where flexibility is important is in the way teams communicate. It’s helpful to guide team members on the most effective places to share information to ensure that it remains accessible, that it can be easily referenced, and that it reaches the intended audience. However, it’s counterproductive to overly police personal expression. We all communicate differently over Teams, opting to use text, emoji reactions or GIFs in our own personal way. Overly policing personal expression can stifle creativity, reduce engagement and create an atmosphere of distrust. When employees feel their unique voices are not welcome, it can lead to a decrease in team cohesion and reluctance to share valuable insights. Supporting personal expression, as long as it’s professional, improves our work culture and makes team members feel welcome.
Tailoring guidelines to support the unique workflows and preferences of each team not only respects individual differences but also enhances overall productivity and collaboration – fostering a culture of open communication without micromanagement.
3. Enlist champions to uphold communication guidelines
To effectively communicate within Microsoft Teams, it is essential to understand the appropriate circumstances for creating a new team, adding a channel to a team, posting a message to a channel or initiating a chat. For instance, conversations that might later need to be referenced are better suited for channels, whereas immediate or transitory discussions can remain in chats.
Leadership plays a pivotal role in ensuring content is shared appropriately. If information shared in a chat could benefit others or needs to be officially recorded, leaders should encourage moving the discussion to a more suitable channel. Over time, these practices will become ingrained in the organization’s culture, though larger organizations may need more time and effort to adapt. Designating multiple “champions” within the organization can facilitate this cultural shift by providing guidance and modeling best practices.
4. Consider creating custom policies
Policies in Teams contain settings that can be applied to one or more users. These can be managed in the Teams admin center or via PowerShell.
Many companies do not need different policies across their organization and opt to customize the “Global (Org-wide default)” policies. However, if different groups require different tools and permissions, they can be assigned by creating custom policies. Policies can be assigned to individual users, to a batch of users or to a group of users (i.e., a Microsoft 365 group, security group, or distribution list).
Custom policies can also be leveraged to enable a subset of users to test settings and features in Teams before rolling them out to the broader organization.
Default and custom messaging policies in the Microsoft Teams admin center
5. Understand and manage guest access and external access
Guest access and external access sound similar, but they refer to different types of access. Guest access refers to inviting users from outside your organization into your organization to join a specific team. External access refers to communication with users outside of your organization – including chat, calls and meetings.
If you don’t want external users to be invited to teams – but still want to be able to chat, call and meet with external users – you can turn guest access off.
To limit communication with external users via chats, calls and meetings, configure “External access” settings. By default, users can communicate with Teams and Skype for Business users in all external organizations, but you can choose to allow only specific external domains, block only specific external domains or block all external domains.
It is also possible to block communication with personal Teams and Skype accounts. Unless your company communicates with customers through personal Teams or Skype accounts, I recommend blocking communication with Teams accounts that are not managed by an organization (i.e. personal Teams accounts) and blocking communication with Skype users (i.e. personal Skype accounts – this setting does not impact Skype for Business).
External access settings in the Microsoft Teams admin center
6. Restrict third-party applications
Third-party applications contribute to data sprawl and pose a risk for security and compliance. Consider which third-party applications, if any, should be allowed in Microsoft Teams.
Teams app permission policies control which apps are available for users within your organization. By default, third-party and custom apps are allowed. I recommend blocking third-party and custom apps or allowing specific third-party and custom apps.
App permission policy settings in the Microsoft Teams admin center
If you choose to block custom apps, make sure to also turn off the ability for users to upload custom apps via Teams app setup policies. Otherwise, users will still be able to upload custom apps for their personal use.
The “manage apps” page in the Microsoft Teams admin center lists all apps that are available to install. You do not need to block third-party or custom apps here if they are blocked via policies. Even if an app status is “Allowed,” the policy that blocks third-party or custom apps takes precedence.
7. Configure policies and settings for secure meetings
Meeting policies and meeting settings help to prevent unauthorized access, protect sensitive information and create a better user experience.
I recommend turning off the ability for anonymous users to join and interact with apps in meetings. In the Microsoft Teams admin center, this setting is under Meeting Settings > Participants.
Block anonymous meeting access through meeting settings in the Microsoft Teams admin center
Meeting “join” and “lobby” settings are another key area to focus on for secure Teams meetings. These are configured through meeting policies.
The default org-wide setting for “Who can bypass the lobby” is “People in my org and guests.” I recommend changing this setting to “People in my org” if your organization uses Teams meetings for webinars and customer meetings to allow your internal teams to join meetings early and prepare privately before the start of a meeting. This setting can be changed for a specific meeting through the meeting options settings for the meeting.
Please note that the “Anonymous users can join a meeting” setting here does not matter if you have blocked it via meeting settings as I described above.
Default meeting join and lobby settings in a Teams meeting policy
8. Manage and automate team creation
It’s important not to make it difficult for users to create teams if you want teams to be used for collaboration. However, it’s also important to manage the creation of teams to avoid data sprawl.
One way to avoid unnecessary duplication of information is to encourage users to take a moment to search for existing teams or channels before creating new ones. Keep in mind though, duplicate teams can also happen when the channel they’re looking for is private (because team members can’t see them unless they’re added to them) and when team names are not reflective of their content (e.g. “Main Street” for a presales “ask me anything” team).
Another way to prevent information overflow is to restrict the creation of teams to a group of privileged users. Beware, though: in environments with lengthy processes and bottlenecks for who can create a team, more groups of people end up collaborating over chat, where there is no barrier to create their collaboration space. Not only do chats make information harder for those outside the chat to find, but should your company need to migrate to another Microsoft 365 tenant, there are plenty of caveats that you don’t run into when migrating Teams channel conversations.
If you plan to restrict who can create teams, your best bet is to plan to automate team requests, approvals and provisioning as well. With Microsoft’s “Request-a-team” app template, you can automate team creation, removing bottlenecks while maintaining governance. This includes setting up approval flows, ensuring that only justified, approved teams are created, reducing redundant or unnecessary teams.
Requesting a team in Microsoft’s Request-a-team app. Image credit: Microsoft
9. Establish naming conventions where necessary
Naming conventions are a helpful way to organize and govern teams. While every organization is different, these are the use cases I typically see:
Departmental collaboration
Teams can often represent functional departments within an organization, such as Finance or HR. These are straightforward and reflect the organizational structure. In this case, it’s best to follow the naming conventions your company already uses for departments, branches and so on.
Project or purpose-based collaboration
Some Teams are created for specific projects, campaigns or initiatives often involve cross-departmental collaboration. These don’t have to be formal initiatives; an “Office Water Cooler” team for people to share news and other topics that don’t fit into work channels is also an example of this. If numbers and IDs are part of your project management process, it may be helpful to include the project ID in the team name, but a naming convention is not always necessary here.
External collaboration
These Teams are created to collaborate with people outside of your organization. Naming conventions like an “EXT” prefix are important for teams that include guest users, so it is easily seen if users need to be more careful when sharing information.
Location-based teams
In larger organizations with multiple offices, teams can be structured around location, such as a ‘Vancouver Office’ Team, to facilitate location-specific communication. In these cases, the naming convention can be the location. Putting “Location – Vancouver Office” is redundant.
Remember, when establishing naming conventions that users quickly browse to find the group, they need to scan team names in the left menu. Long names can clutter this space, making it challenging for users to distinguish between different teams at a glance, while opting for concise names can enhance navigability.
10. Consider SharePoint and OneDrive sharing settings
SharePoint and OneDrive are the backbone of Microsoft Teams, and their configuration impacts Microsoft Teams. Notably, one of the file and folder sharing settings in the SharePoint admin center significantly influences coauthoring in Teams chat.
When the default setting for SharePoint and OneDrive sharing links is set to “View,” files shared over chat will initially be “view only”.
Sharing a file in Microsoft Teams chat with view-only permissions
In the image above, see the downward-facing caret beside “People in your organization can view” that hints at the possibility of a menu. It’s very subtle. Unfortunately, many people do not realize that when you share a document via Teams chat, you can click on that document to edit its sharing settings before pressing “Send.”
Sharing settings for a file in Microsoft Teams chat
The result is that many people will not realize that they can coauthor files in Microsoft Teams chat. Coauthoring streamlines the process of working on documents together, reduces the time spent on back-and-forth email exchanges and file versions and ensures that everyone is always working on the most up-to-date document.
From my perspective, unless an organization has a solid reason not to, the default setting for SharePoint and OneDrive sharing links should be “Edit.” This setting doesn’t eliminate the possibility of sending files with edit permissions, it just makes it not the default option.
It’s important to familiarize yourself with how the settings in the SharePoint admin center affect Microsoft Teams to ensure that Teams is as effective as possible in improving your organization’s collaboration and productivity.
11. Determine how and when to archive or delete teams
Regularly cleaning up teams that are no longer active is a crucial part of maintaining an organized and efficient digital workspace. This practice prevents clutter, makes navigation easier and ensures that current projects and collaborations are easily accessible. By removing outdated teams, you help keep the focus on relevant and active workspaces.
Deciding between archiving or deleting a team in Microsoft Teams depends on the specific scenario. Archive a team when you want to preserve its content for future reference without active collaboration or choose to delete it if the information is no longer needed.
When a team is archived, it’s placed in a read-only state, preserving all its content and conversations but preventing any new activity. If the team is needed at any point in the future, it can be reactivated. This approach allows for the decluttering of your Teams environment while retaining access to important information.
Users should be educated on the archiving process, including the steps to archive a team and how to access and retrieve files from an archived team.
The message that appears when archiving a team. Image credit: Microsoft
Conversely, deleting a team in Microsoft Teams removes it and all its associated data, including channels and files. However, it’s important to note that deleted teams can be restored by Microsoft 365 administrators within 30 days. This “soft-delete” period provides a safety net, ensuring that valuable collaboration and data are not permanently lost due to accidental deletions.
Conclusion
While these eleven best practices are not the ultimate solution to every Teams governance challenge, they are impactful strategies that can substantially improve how your organization uses the platform. Keep in mind that managing Microsoft Teams well means being open to change. It’s important to regularly check how you’re using Teams and adjust your approach as needed. Your organization is unique, and how you use Teams should reflect that.