Planning for Microsoft Teams Governance: Guide + Best Practices
Planning for Microsoft Teams Governance: Guide + Best Practices
Before diving into user adoption, organizations should create a plan for Microsoft 365 and Microsoft Teams governance. Time invested in a thoughtful governance review and implementation will pay dividends during and after your adoption campaign, including a smoother rollout, better user experience, and fewer help desk calls.
In this blog, we will explain why governance matters, guide you through the key governance decisions to make before rolling Microsoft Teams, and provide tips and best practices from our experience with customers.
Issues with Lack of Governance
After several organizations quickly adopted Microsoft Teams in the wake of the pandemic and rise of remote work, many are now asking for help doing cleanup work and tidying up their Teams/SharePoint environments. Why?
Mainly because of the sprawl of Teams in ungoverned environments that led to frustrated users. (If your organization is a late adopter of Microsoft Teams, keep reading as this is a great time to learn from the experience of others!)
What Microsoft 365 and Microsoft Teams Governance Is and Why It Matters
Governance is about tailoring your Microsoft 365 and Teams environment to your end users’ needs while keeping the overall IT environment in mind.
Take, for example, the ability to share links and collaborate with externals.
As an administrator, you can decide to prevent this or allow it. If you prevent it, your users may end up finding an alternative app to collaborate with externals. But allowing it means that you could be putting your organizational data at risk. The best choice depends on your organization’s requirements, your risk tolerance, and how well you planned your adoption efforts. There are ways to allow users to share externally with some provisions, such as, asking external to authenticate, for example.
Key Microsoft Teams Governance Decisions & Best Practices
Microsoft Teams provides IT administrators useful tools to control teams creation, naming, classification, and expiration, among others. Let’s look at some of these key areas you should plan for before deploying Microsoft Teams.
If you are looking to learn more about governance for other areas of your Microsoft 365 environment, we recommend this collaboration governance framework provided by Microsoft.
Best Practice: Restrict Teams Creation to a Group of Champions
You’ll often hear that it’s a good idea to allow users to create teams to drive more adoption.
While at Change Champions we obviously love the idea of people using Teams, we’ve come to learn that allowing people to create teams is more likely to create confusion than help users. Often, employees create teams without awareness of how the platform should be used or what to use it for, resulting in duplicate teams or teams that are left “orphan” once users lose interest.
Instead, we recommend restricting teams creation to a specific group of people, such as pre-identified champions or IT.
This will help with sprawl and give those Champions an opportunity to coach users as they make new requests.
If you expect to receive many team requests and you prefer to avoid giving your Champions the burden of having to provision teams, consider leveraging a platform like ServiceNow to automate the request process or, even better, a Microsoft Teams governance app to manage your end-to-end Teams governance (beyond provisioning) including aspects such as guest access, lifecycle, and more. If you are interested in our recommended Teams governance app and understanding its benefits, you can schedule a demo with our team.
Best Practice: Establish Team Templates
Another effective way to empower users while keeping governance in mind is to establish basic team templates based on common organizational use cases (projects, committees, divisions, etc.).
Templates can give users ideas to get started in Teams. To define your templates, we recommend talking to your users about their most common collaboration needs. For example, a financial institution could have a “Branch Management” template whereas a Forestry organization may have a “Division” template. A “Project” or “Program” template is common for most organizations that run projects.
Lastly, consider creating a certification course that welcomes your new users to Teams and teaches them best practices. Then, when a new team is created, assign this training to them as a prerequisite for keeping access.
Here’s an example from one of our clients:
Best Practice: Create a Teams Naming Policy
By default, anyone who creates a team can name it whatever they wish. However, without proper controls this can lead to headaches.
For example, suppose someone in your organization creates a team with the name Human Resources. What happens when someone else in the same department (perhaps in another regional office) creates another team and calls it HR? Now the company has multiple teams for seemingly the same purpose, along with their Office 365 groups and SharePoint site collections!
Instead, you can make your life easier and set up an Office 365 group naming policy.
For example, you may use prefixes to communicate the type of team (PROJ for project teams, DEPT for departmental teams) and a suffix like EXT to indicate if the team has external members.
Also, consider creating a list of blocked words that cannot be used in a team or group name, such as Payroll, CEO, etc.
Best Practice: Provide Teams Classification Options
Each team automatically comes with an Office 365 Group with configurable statuses (public or private) and, optionally, classifications.
Classifications are labels that administrators can use to create policies for retention and other content-related requirements in Office 365. (More about retention in later.) If you need to classify your data for compliance purposes, consider allowing users to set “Public”, “Internal Only”, and “Restricted” on teams they request or create.
Once the classifications are configured, users will see an option to classify the team they create by editing team details.
Best Practice: Only Allow Guest Access Upon Request
Guest access means giving your users the ability to add external members to teams to collaborate (including people from non-organizational domains such as personal email accounts).
While in many cases this is important, guest access could introduce risk to your environment as you may lose track of who is joining your organization and for how long.
Our recommendation around guest access:
By default, don’t allow guest access and only provision teams with this capability upon request from the end users.
Consider using a “suffix” to indicate when a team has external members (DEPT – Human Resources – EXT). This will help your administrators and users identify teams with guests.
Additionally, only allow domains from organizations you trust into your environment. Avoid personal email domains such as hotmail.com or gmail.com unless required.
Train users on the meaning of externals accessing your Teams/SharePoint environment and ask them to consider creating a private channel within the team to protect confidential information.
Best Practice: Set a Team Expiration Policy
As the number of teams increases, it can create a bit of a mess, for instance when a project is completed but the team and Office 365 group is still hanging around.
Our recommendation around team expiration:
Manage the lifecycle of teams in your organization by setting an expiration policy. Team owners will be notified when their team is going to expire, asking them to renew the group if still in use.
If you set the expiration to be 365 days, then each team will come up for renewal every 12 months. Any team or group that is not renewed will be deleted. But don’t worry! Any Office 365 team or group that is deleted can be restored within 30 days by the group owners or the administrator.
Best Practice: Create Retention Labels & Policies
Another area to keep in mind is data retention.
In some cases, you may need to retain files, team messages or posts to meet industry regulations and internal policies. For example, the Sarbanes-Oxley Act might require you to retain certain types of content for seven years. Alternatively, you may prefer to remove information that is no longer required to ensure users have access to information that is current and relevant only.With Teams retention labels and policies, Team admins can decide proactively whether to retain content, delete content, or both — retain and then delete the content based on time. Policies are applied by using content labels that can be either auto-applied or applied by users.
Additional Microsoft Teams Policies & Controls To Consider
In addition to the areas above, there are other policies and controls available to Teams administrators that are worth considering.
Cloud File Storage Options: Consider turning this off if you prefer your users to save files in the Microsoft options only.
Apps: As a rule, we recommend that you only allow Microsoft apps and only add third party apps when there is a business reason to do so. Keep in mind that some of these apps require licensing.
Live Events and Webinars: Unless required, we recommend turning off the ability to create Live Events and Webinars in Teams and only training specific user groups (e.g., Training or Corporate Communications) in this capability. You can later create a group to enable them with these options.
In sum, in our experience, Microsoft Teams (and Microsoft 365) governance is critical to good user adoption.
Having thousands of teams in your environment, without a proper naming convention, each with its own use case and template, and without any expiration policy will most certainly result in sprawl and poor user adoption. By providing a solid governance foundation that is fit for purpose, you will be giving your end users the guidance and support they need to succeed. Governance – combined with a solid training and adoption plan – is key to the success of your Microsoft 365 and Teams rollout.
User Training and Adoption
As mentioned earlier, training is critical to communicate all of those governance decisions that are beyond usability. We recommend that you create a learning journey for Microsoft Teams Owners and another one for Members.
Let’s take a look at some examples.
Team Owner Training
Course contents (sample):
- What Teams is and how it is different from other collaboration options
- When to request a team vs. using other tools (e.g., chat groups)
- Add members and manage permissions
- Structuring the team and creating Channels, adding tabs and resources to a Channel
- Channel meetings
- Guests management
Team Member Training
Course contents (sample):
- What Teams is
- Communicating in Channels (posts, @mentions, etc.)
- File collaboration, version control, etc.
- Participate in meetings
- Using apps like Planner, OneNote
- Teams etiquette and best practices
If you need a hand driving adoption of Microsoft 365 or Teams, just book a free consultation with us.