Plan for governance in Teams

Teams provides a rich set of tools to implement any governance capabilities your organization might require. This article guides IT pros to ask the right questions to determine their requirements for governance, and how to meet them.

Tip

Watch the following session to learn about more about Governance in Microsoft Teams: Governance, management and lifecycle in Microsoft Teams

Group and team creation, naming, classification, and guest access

Your organization might require that you implement strict controls on how teams are named and classified, whether guests can be added as team members, and who can create teams. You can configure each of these areas by using Azure Active Directory (Azure AD).


An icon depicting decision points Decision points
  • Does your organization require a specific naming convention for teams?
  • Do team creators need the ability to assign organization-specific classifications to teams?
  • Do you need to restrict the ability to add guests to teams on a per-team basis?
  • Does your organization require limiting who can create teams?
An icon depicting the next steps Next steps
  • Document your organization’s requirements for team creation, naming, classification, and guest access.
  • Plan to implement these requirements as a part of your Teams rollout.
  • Communicate and publish your policies to inform Teams users of the behavior they can expect.

Tip

Use the following table to capture your organization’s requirements.

Capability Details Azure AD Premium
license required
Decision
Team naming policy Use Prefix-Suffix–based, Custom Blocked Words. P1 TBD
Team classification Assign classifications to teams. P1 TBD
Team guest access Allow or prevent guests from being added to teams. No TBD
Team creation Limit team creation to administrators. No TBD
Team creation Limit team creation to security group members. P1 TBD

Note

Limiting group and team creation can slow your users’ productivity, because many Office 365 services require that groups be created for the service to function. For additional information, navigate to and expand Why control who creates Office 365 Groups.

Additional information

After you’ve determined your requirements, you can implement them by using Azure AD controls. For technical guidance on how to implement these settings, see:

Group and team expiration, retention, and archiving

Your organization might have additional requirements for setting policies for expiration, retention, and archiving teams and teams data (channel messages and channel files). You can configure group expiration policies to automatically manage the lifecycle of the group and retention policies to preserve or delete information as needed, and you can archive teams (set them to read-only mode) to preserve a point-in-time view of a team that’s no longer active.

An icon depicting decision points
Decision points
  • Does your organization require specifying an expiration date for teams?
  • Does your organization require specific data retention policies be applied to teams?
  • Does your organization expect to require the ability to archive inactive teams to preserve the content in a read-only state?
An icon depicting the next steps
Next steps
  • Document your organization’s requirements for team expiration, data retention, and archiving.
  • Plan to implement these requirements as part of your Teams rollout.
  • Communicate and publish your policies to inform Teams users of the behavior they can expect.

Tip

Use the following table to capture your organization’s requirements.

Capability Details Azure AD Premium license required Decision
Expiration policy Manage the lifecycle of Office 365 groups by setting an expiration policy. P1 TBD
Retention policy Retain or delete data for a specific time period by setting retention policies for Teams in the Security & compliance center. Note: Using this feature requires licensing of Office 365 Enterprise E3 or above. No TBD
Archive and restore Archive a team when it’s no longer active but you want to keep it around for reference or to reactivate in the future. No TBD

Note

Group expiration is an Azure AD Premium feature. For this feature to be available, your tenant must have a subscription to Azure AD Premium and licenses for the administrator who configures the settings and the members of the affected groups.

Additional information

For technical guidance on how to implement these settings, see:

Teams feature management

Another important aspect of governance and lifecycle management for Teams is the ability to control what features your users will have access to. You can manage messaging, meeting, and calling features, either at the Office 365 tenant level or per-user.

An icon depicting decision points
Decision points
  • Does your organization require limiting Teams features for your entire tenant?
  • Does your organization require limiting Teams features for specific users?
An icon depicting the next steps
Next steps
  • Document your organization’s requirements for limiting Teams features at the tenant and user level.
  • Plan to implement your specific requirements as part of your Teams rollout.
  • Communicate and publish your policies to inform Teams users of the behavior they can expect.

Teams feature management focus areas

Teams provides granular capabilities for controlling messaging, meeting, calling, and live event features and more, via policies. Different policies can be applied to all users by default or per user as required by your organization.

For detailed lists of all settings, including technical guidance on how to implement them for your organization, see the following articles:

Security and compliance

Teams is built on the advanced security and compliance capabilities of Office 365 and supports auditing and reporting, compliance content search, e-discovery, Legal Hold, and retention policies.

Important

If your organization has compliance and security requirements, review the in-depth content provided about this topic in the article Overview of security and compliance in Microsoft Teams.