Posted by: kurtsh | November 13, 2020

INFO: Microsoft Teams Governance

Microsoft Teams Governance is documented in the articles below.

  • Plan for governance in Teams
    Teams provides a rich set of tools to implement any governance capabilities your organization might require. This article guides IT pros to ask the right questions to determine their requirements for governance, and how to meet them.
  • Governance quick start for Microsoft Teams
    The following activities will happen simultaneously, and they may involve all or part of your key team. As a best practice, defer large-scale governance and security conversations for after you have completed your initial experimentation with Teams. It is important to understand how governance decisions may impact the end-user experience and will simplify the decisions you will need to make at that later date.
    • Create and test an approval workflow with Power Automate
      A Microsoft Teams Governance practice is to enable Approval Workflow such that to create a new team, users need to make a request.
    • Private channels in Microsoft Teams
      Private channels in Microsoft Teams create focused spaces for collaboration within your teams. Only the users on the team who are owners or members of the private channel can access the channel. Anyone, including guests, can be added as a member of a private channel as long as they are already members of the team.
    • Manage tags in Microsoft Teams
      Tags in Microsoft Teams let users quickly and easily connect with a subset of people on a team. You can create and assign custom tags to categorize people based on attributes, such as role, project, skill, or location. Or, tags can be automatically assigned to people based on their schedule and shift information in the Shifts app (coming soon). After a tag is added to one or multiple team members, it can be used in @mentions by anyone on the team in a channel post or to start a conversation with only those people who are assigned that tag.
    • Manage app setup policies in Microsoft Teams
      As an admin, you can use app setup policies to do the following tasks:
        • Customize Teams to highlight the apps that are most important for your users. You choose the apps to pin and set the order that they appear. Pinning apps lets you showcase apps that users in your organization need, including apps built by third parties or by developers in your organization.
        • Control whether users can pin apps to Teams.
        • Install apps on behalf of users (in preview). You choose which apps are installed by default for users when they start Teams. Keep in mind that users can still install apps themselves if the app permission policy that’s assigned to them allows it

    • Turn on or turn off guest access to Microsoft Teams
      By default, guest access is turned off. You must turn on guest access for Teams before admins or team owners can add guests.
      After you turn on guest access, it may take a few hours for the changes to take effect. If a user sees the message "Contact your administrator" when they try to add a guest to their team, it’s likely that either guest access hasn’t been turned on or the settings aren’t effective yet.
    • Calling policies in Microsoft Teams
      In Microsoft Teams, calling policies control which calling and call forwarding features are available to users. Calling policies determine whether a user can make private calls, use call forwarding or simultaneous ringing to other users or external phone numbers, route calls to voicemail, send calls to call groups, use delegation for inbound and outbound calls, and so on.
      You can use the global (Org-wide default) policy that’s created automatically or create and assign custom policies.
    • Manage meeting policies in Teams
      Meeting policies are used to control the features that are available to meeting participants for meetings that are scheduled by users in your organization. You can use the global (Org-wide default) policy that’s automatically created or create and assign custom policies. You manage meeting policies in the Microsoft Teams admin center or by using PowerShell.
    • Manage Microsoft Teams settings for your organization
      You manage apps for your organization in Teams apps in the Microsoft Teams admin center. For example, you can set policies to control what apps are available org-wide or to specific Teams users and you can customize Teams by pinning the apps that are most important for your users.
      You can control organization-wide user settings in the Microsoft Teams admin center. To edit org-wide settings, go to the Microsoft Teams admin center, and then select Org-wide settings. You can configure the following settings.
    • Manage teams policies in Microsoft Teams
      As an admin, you can use teams policies in Microsoft Teams to control what users in your organization can do in teams and channels. For example, you can set whether users are allowed to create private channels.
  • Microsoft 365 group expiration policy (Requires “Azure Active Directory Premium P1” license)
    With the increase in usage of Microsoft 365 groups and Microsoft Teams, administrators and users need a way to clean up unused groups and teams. A Microsoft 365 groups expiration policy can help remove inactive groups from the system and make things cleaner.
    When a group expires, all of its associated services (the mailbox, Planner, SharePoint site, team, etc.) are also deleted.
    When a group expires it is "soft-deleted" which means it can still be recovered for up to 30 days.
  • Microsoft 365 groups naming policy (Requires “Azure Active Directory Premium P1” license)
    You can use a group naming policy to enforce a consistent naming strategy for groups created by users in your organization. A naming policy can help you and your users identify the function of the group, membership, geographic region, or who created the group. The naming policy can also help categorize groups in the address book. You can use the policy to block specific words from being used in group names and aliases.
    The naming policy is applied to groups that are created across all groups workloads (like Outlook, Microsoft Teams, SharePoint, Planner, Yammer, etc.). It gets applied to both the group name and group alias. It gets applied when a user creates a group and when group name or alias is edited for an existing group.
  • Dynamic membership rules for groups in Azure Active Directory (Requires “Azure Active Directory Premium P1” license)
    In Azure Active Directory (Azure AD), you can create complex attribute-based rules to enable dynamic memberships for groups. Dynamic group membership reduces the administrative overhead of adding and removing users. This article details the properties and syntax to create dynamic membership rules for users or devices. You can set up a rule for dynamic membership on security groups or Microsoft 365 groups.
  • Overview of dynamic membership for teams
    Microsoft Teams supports teams associated with Microsoft 365 groups by using dynamic membership. Dynamic membership enables the membership of a team to be defined by one or more rules that check for certain user attributes in Azure Active Directory (Azure AD). Users are automatically added or removed to the correct teams as user attributes change or users join and leave the tenant.


%d bloggers like this: