Security is considered one of the success factor for any implementations.With Office 365 security and compliance there are lot of options to enforce the security across Office 365 suite of products.We can enforce DLP on Microsoft Teams based on our requirement. ATP can be turned on for all file upload activities in Microsoft Teams. The best part is that now we do have option to enable retention as lesser as 1 day in Microsoft teams channel messages and chats.
Microsoft Data Loss Prevention have been protecting sensitive information across all Office365 platforms. The easiest part is that we already have more custom built-in templates which will be easier for us to create,test,evaluate the results and finally create one for the production.
DLP Policy in Teams:
To create a dedicated DLP policy for Teams navigate to security and compliance center – Create a new policy.
In our example we are creating a new policy which will block the sharing of PAN card number via teams channels and chats.
In locations tab ensure that we are selecting teams chat and channel messages if the location is going to be only teams. If we need on all locations then we can keep them all enabled.
Under policy settings we do have lot of prebuilt templates which is super simple for us to just select and apply. In our case we are just selecting Block Indian PAN CARD number not to be shared via teams channels and chat messages.
Now we’ve created the teams data loss prevention policies and its time for us to test the created policy.
Have just logged into my test account and attempted to send a PAN Card to my account. The moment the PAN card is shared it is immediately blocked from the DLP policy.
And from the recipient end received the following message and the message is not delivered since it matches our DLP policy.
With the DLP policy we will be able to secure our sensitive information in Teams Channels and chat conversations.
Enable safe attachments on Teams Channels and chats :
Enabling ATP on Teams is pretty straight forward.
We need to navigate to protection security center – threat management – policy – select safe attachments.
All we need to do is to just select turn on ATP for SharePoint, One Drive and Microsoft Teams.
Once the policy is enabled and when somebody attempts to share an infected file the file is blocked but still present in the library, however no one will have the ability to open them from their side.
Files are scanned asynchronously, through a process that uses sharing and guest activity events along with smart heuristics and threat signals to identify malicious files.
To review the quarantined files we can go to threat management – review – select view quarantined files
Enable Retention in Microsoft Teams channels and chat conversations:
By default teams conversations and files are retained forever. With the new retention policy introduced in Microsoft teams channels and chats now admins have the option to customize the retention and delete the data forever if it is considered as liability according to the company retention policy.
In-order to create retention policies navigate to security center – select information governance – select retention – click create
Have created once dedicated policy for Teams Retention.
Now we choose the retention settings as per our requirement. The good part is that we do have the option now to retain the content lesser to even 1 day time.
Now we need to create a new retention policy for Microsoft Teams. If we try to edit the old retention policy there wouldn’t be an option to include Team Channel Messages and Chats , since these locations were on-boarded recently in the retention policy scopes.
Once selected based on the retention period all the Teams channel messages and chats are retained.
If end users delete their Teams messages, these messages are still preserved and available for search through eDiscovery for particular years based on the retention period set in the policy.
In order to recover a deleted file from channels – navigate to the channels – files tab – select open in sharepoint
Now after clicking on open in SharePoint – navigate to recycle bin and we could see the deleted file present.
We do have the same restore option like what we see in SharePoint sites.
With all the new security enhancement and retention channels enabled in Microsoft Teams it makes more convenient better communication platform for all users in the enterprise environment.