Proventeq

Header-MS Teams II mitigating danger across a galaxy of content

We’ve already discussed the problem of content sprawl in MS Teams, but what can you do to mitigate sprawl right now, or ensure you’re minimizing the danger from the outset?

28 Oct 2021

6 min

Balu Herbert

Chief Strategy Officer

To recap just a little, over the last seventeen months or so, organizations across the world have been driven to enable employees to work remotely, resulting in many thousands of new MS Teams channels being created.

Enter: danger

Many organizations now have multiple Teams channels without any level of rigor, governance, or appropriate security processes. In some cases, the normal one-year lifespan of Teams has been extended to keep projects moving forward. That’s another year of “live time” for documents to be created and shared unchecked, and for things to go wrong.

My advice to these organizations is: if you already have Teams channels, take a little time to assess your security and channel structure. And if you haven’t got Teams today but are planning to adopt it, a little work upfront will save you a lot of pain and help protect your business from multiple threats.

What threats, exactly?

Despite Microsoft’s best efforts to safeguard Teams, the security of data within the program, and how it is shared or used, is the responsibility of the organization using it. That creates a lot of security stress points. And ever-opportunistic, over the last year-and-a-half, hackers have increasingly targeted Teams as a way to steal sensitive information.

It’s also simple to add guest users to Teams without properly vetting them. Last year, McAfee estimated that a typical enterprise adds a new user to Teams every few minutes. There’s little to stop external contacts from viewing content from unmanaged devices, nor sensitive data from being viewed by unvetted individuals, especially via Teams screen shares. External users may inadvertently upload malware through devices that are not subject to an enterprise’s security protocols. shares. External users may inadvertently upload malware through devices that are not subject to an enterprise’s security protocols.

A little care goes a long way

I recommend all organisations using Teams conduct an assessment to audit the number of channels and users within an enterprise, and the extent to which these are opened up to external users and partners. The end goal is a clear view of usage patterns and some intelligence about the levels of security applied.

As I mentioned in my last blog, it’s also critical that a Teams Project Manager (or equivalent) has a clear view of the type of documents being shared within the structure: are they collaborative documents, projects, or systems of records? What is their level of significance? Are documents elite or trivial? These are questions that must be answered before you create and deploy proper governance structures.

Management actions

These factors give us sensible management actions that will help us audit and clean up existing Teams sprawl. The next stage is to execute: archiving documents, labeling them correctly so they can be easily identified and grouped, applying the right level of security to sensitive material, and so on.

A stitch in time…

Ideally, of course, businesses should have these protocols in place before using Teams at all. Microsoft can provide templates for smart governance, for example by creating an approvals process for new channels or documents. The enterprise collaboration process - how a team of individuals consisting of external and internal workers interact and shares documents in Teams - may vary from one organization to another. But typically a business might have a project manager responsible for signing off on new channels and what they are permitted to contain.

An approvals process is best practice and highly recommended for organizations using Teams. At the very least it can help you to ensure document taxonomy is applied correctly so you can categorise files.

Anyone who has been tasked with cleaning up an organizational intranet where people have been allowed to create and duplicate documents unchecked will understand what a veritable galaxy of content this can create. There are plenty of third-party tools that can be deployed to create governance structures. But carefully policed, structured filing is also a human factor. Requiring commitment and awareness. Proventeq can ensure the burden on people is minimal.

Continuous diligence

Once you’ve analyzed your existing Teams channels and applied some governance, you need a process for continually monitoring your sites and understanding what’s being shared across channels and by whom. We’ve developed an effective way of doing this through a dashboard that allows an administrator or Project Manager to quickly review Teams activity and take any corrective or management actions as required. It’s the quickest and most effective remedy for content sprawl, and it brings peace of mind to anyone whose job includes reviewing that galaxy of content. Microsoft offers some capability and content analysis tools for SharePoint, but Proventeq can make it easier still.

Organizing content effectively

What pain do you save yourself when you organize content within Teams? Typically, once a collaborative lifecycle has ended, organizations find a lot of content that needs to be reorganized, declared as systems of record, or otherwise added to a wider enterprise document management system. It’s a big task. Structuring and applying the right taxonomy to content from the outset can save days of effort. And that’s the purely labor-saving stuff. Good organization also means having only the most accurate systems of record on file, the only data you’ll ever need, and minimizing the security threat.

The power of MS Teams

It’s important to recognize that MS Teams is a powerful, multifunctional collaboration tool. The weakest link with Teams is often the human factor, and by managing behavior and implementing rigorous best practices, Proventeq can help you to make the most of the platform.

For example, we can help you to integrate Teams with other applications to improve collaboration and digitization. You could interact with CRM systems like Salesforce so that when an opportunity is created, it is shared quickly within a sales team or with extended teams as required. It can help reduce reliance on emails (which are enormously costly in terms of time, attention, and productivity). It can create rules for collaboration, allowing content to be shared only within the most relevant channels for selected partners to view and action. But to be effective and secure, Teams need governance, and there’s no better time to start than now.