Teams Enablement - Security & Compliance Workshop

Post on 18-Jun-2020


Page 1: Teams Enablement - Security & Compliance Workshop...Mobile Client • iOS (7.1+) • Android (4.0+) Desktop Client • Windows PC (8.1+) • Mac OS X Web Client • IE, Edge Block
Page 2:

Transforming workplace collaboration is a business imperative

86% of leaders cite lack of collaboration or ineffective communication as the top reason for workplace failures

65% of leaders agree that moving from hierarchical to team-based working is critical for their success in 2019, but only 7% say they are ready

45% of leaders have or are implementing web-based collaboration solutions at scale in their companies

Page 3:

Microsoft Teams is the hub for teamwork in Microsoft 365

• Chats
• Meetings
• Calls
• Files
• Apps and workflows

Page 4:

Teams

• Transform workplace collaboration
• Streamline business processes
• Connect everyone on a single platform
• Provide enterprise grade security & compliance

Page 5:

Teams – Security & Compliance

• Identity & access management: Secure identities, control access
• Information protection: Protect your sensitive data – wherever it travels.
• Discover and respond: Identify, collect and produce content
• Data governance: Manage content lifecycle
• Manage risks: Enforce communication compliance policies, detect malicious content

Page 6:

Identity & access management: Secure identities, control access

Page 7:

• Cloud Identity

• Synchronized Identity

• Federated

Page 8:

MFA prevents 99.9% of identity attacks

81% of breaches leverage stolen or weak passwords

• Windows Hello
• SMS, Voice
• Hard Tokens OTP
• FIDO2 Security key
• Push Notification
• Microsoft Authenticator

Page 9:

IT admins can make the use of Microsoft Teams more secure by enforcing restrictions on both managed and non-managed devices using Intune mobile application management (MAM) and Conditional Access (CA) policies.

Prevent data loss between Teams and other personal apps

Employees can use their favourite device to access Teams securely ✓

Protect data at the Teams App level without having to manage devices

Simplified enrolment process to increase user adoption ✓

▪ Conditional access policies based on

▪ Exchange and SharePoint Conditional Access Policies apply to Teams

Device / Platform

Mobile Client
• iOS (7.1+)
• Android (4.0+)

Desktop Client
• Windows PC (8.1+)
• Mac OS X

Web Client
• IE, Edge

Page 10:

Verify every access attempt

Signals
• User and location
• Device
• Application
• Real-time risk

Teams
• Allow access
• Require MFA
• Block access

Page 11:

Conditional Access

Prevent Teams access from non-work locations

Page 13:

A way for external Teams users from an entire domain to find, call, chat, and set up meetings with you in Teams.

Examples:

• [email protected] and [email protected] are working on a project together along with some others in the contoso.com and northwindtraders.com domains.

• Users in your organization use Teams to contact people outside of your organization.

• Any Teams user in any org can find and contact you, using your email address.

Page 14:

Information protection: Protect your sensitive data – wherever it travels

Page 15:

DLP Mode: Passive, Intercept

Sharing of data: Internal, External

Scoping: Per User, Per Team

Protection: Messaging, Files

Security, Performance, Flexibility

Primary DLP Scenarios in Teams

▪ File sharing with external users (guests, federation)
▪ Chats & channel messages with external users (guests, federation)
▪ Sensitive content shared within inappropriate teams

Types of Protection

▪ Protection through storage of files in OneDrive for Business and SharePoint Online
▪ Protection and classification through the O365 DLP engine & investigating third-party (3P) integration
▪ Teams UX allows for policy blocks, false positives, overrides and edits.

Page 16:

Policy tips

Block sharing

User overrides

Notification emails

Admin Alerts

Incident Reports

Integration with Activity API

Custom Sensitive Types

Page 17:

Data Loss Prevention in Teams

Page 18:

Discover and respond: Identify, collect and produce content

Page 19:

Discovering data efficiently is important for both legal and IT professionals

57% of corporate counsel plan to increase their total eDiscovery spend next year

$3B was spent on eDiscovery software in 2018

71% of corporate counsel are leveraging technology and/or best practices to improve legal operations

Page 20:

Reduce eDiscovery costs

Capability                                 In-place eDiscovery   Advanced eDiscovery
Case Management                            ✓                     ✓
Access Control                             ✓                     ✓
Content Searches                           ✓                     ✓
Hold(s)                                    ✓                     ✓
Export                                     ✓                     ✓
Duplication Detection                      -                     ✓
Relevance Searches with Machine Learning   -                     ✓
Unstructured Data Analysis                 -                     ✓

In-place eDiscovery
• Case management
• Access Control
• Content Searches
• Hold(s)
• Export

Advanced eDiscovery
• All of in-Place +
• Duplicate detection
• Relevance Searches with Machine Learning
• Unstructured Data analysis

Page 21:

• If a Microsoft Teams-enabled user has an on-premises mailbox and their user account/identity has been synched to the cloud, Microsoft creates a cloud-based mailbox (or phantom mailbox) to store 1xN Teams chat data.

• After the Teams chat data is stored in the cloud-based mailbox, it's indexed for content search.

• Channel Messages – Covered by EXO Group mailbox

• Guest Users 1xN Chat – Covered by Cloud Storage

Features Available

Content Search, Preview & Export: Now
Support for Retention Policies: Coming soon
Support for Legal Hold: Coming soon

Page 23:

Data Governance: Manage content lifecycle

Page 24:

Data governance & retention in Teams

• Comply proactively with industry regulations and internal policies
• Reduce your risk in the event of litigation or a security
• Help your organization to share knowledge effectively and be more agile

Page 25:

• Retention policies allow IT admins to manage the lifecycle of content within Office 365, including all data from Teams.

• Retention policies, if set, will wipe out the Teams data from all possible locations in the Microsoft cloud infrastructure. If persistent chat is a requirement without retention, then the default retention policy can be overridden to extend it for N years (or indefinitely).

▪ Flexible – different policies for different types of items
▪ Standard Preservation & Deletion Policy templates
▪ Integrates with Legal Hold and e-Discovery
▪ Integrated Management

Teams-related retention policies

Chats (1x1, 1xN)
Retention period: Configurable by tenant (days) in Security and Compliance Center, example: 30 days
Retention action:
▪ Delete & Allow recovery
▪ Permanently delete
▪ Archive

Channel messages
Retention period: Configurable by tenant (days) in Security and Compliance Center, example: 365 days

Files (SharePoint Online and OneDrive for Business)
Retention period: Configurable by Tenant for Site Templates, Site Collections and Document Deletion
Retention action:
▪ Delete & Allow recovery
▪ Permanently delete
▪ Manage through Records Management

Page 26:

Establish Team or chat retention and deletion policies

Retention policies for Teams

Page 27:

Establish Team or chat retention and deletion policies

Retention or Deletion policies

Page 28:

• Archiving in Office 365 enables preservation of all content immutably and enables retention, eDiscovery and other compliance capabilities.

• Archiving for Microsoft Teams leverages existing Office 365 archiving management tools that are used for email and SharePoint files.

• A team can be archived when it's no longer active; it will be read-only and it can be reactivated in the future.

• Microsoft Teams chats and channel messages are archived using Exchange Online storage
  • 1:1 chats and group chats → individual mailboxes
  • Channel messages → group mailboxes
  • Messages are automatically moved to the archive mailbox after two years*

• Office 365 Compliance Admins will have a fast learning curve with the Teams archival process since it leverages the Security and Compliance Center in the Office 365 admin portal.

▪ Immutable data
▪ Integrated management
▪ Safeguard your data
▪ Highly reliable, available and performant
▪ Unlimited Storage*

Page 29:

• When a reasonable expectation of litigation exists, organizations are required to preserve electronically stored information (ESI) relevant to the case. This expectation often exists before the specifics of the case are known, and organizations may need to preserve broadly all information related to certain individuals, keywords or topics.

• Litigation Hold is normally used when an entire mailbox has to be put on hold.

• In-place hold is used when holds are to be created and placed based on fine-tuned search criteria across mailboxes.

• All of the Teams Information Protection dataset can be put on litigation hold. This includes 1:1 chats, Group chats, Channel messages, Files, OneNote and Wiki.

• Users can continue to use Teams seamlessly when their data is put on hold.

• What happens to edits and deletes when a user is on hold
  • All Teams Chats and Channel Messages (both current and archived) are subject to hold
  • All edits to messages are allowed but will be tracked separately from the original message
  • All deleted Teams data will still be persisted.

▪ Permanently Preserved Data within Office 365 solution
▪ Flexibility: Multiple Time Based Holds
▪ Integrated management with eDiscovery
▪ Narrow Down on Legal Data – Intelligent Query based holds
▪ Transparent to End User

GA

Page 30:

▪ Search Across item types
▪ Search Organization wide
▪ Highly Scalable
▪ Export for offline use
▪ Uncover Search Statistics

• Content Search can be used to search mailboxes, SharePoint Online sites, OneDrive for Business locations and Teams data across all of the organization. There are no limits on the number of mailboxes or the number of searches that can be run at the same time.

• Search Location
  • All Teams user accounts and locations (SharePoint, Exchange, OneDrive for Business) within a tenant can be included in a content search.

• Search Filters
  • Case Keywords, Team/Channels, To/From lists, Date Time, Size, Message Type and File types are some of the many criteria supported in Content Search.

• All Compliance Content Search results can be exported into an Outlook Data File or .PST file. Individual files and attachments can also be downloaded and exported in a report.

GA

Page 32:

• Auditing and reporting supports the need for IT Admins to track important business events within Office 365 and now in Teams.

• Audit log(s) will be updated and available for searching and reporting up to 24 hours after the activity was performed in the Teams client.

▪ Audit all Teams Events
▪ Audit all/specific users
▪ View, Filter, Export results
▪ Unlimited Auditing Timeline

Audited Events

Account Logon events
• User/Admin Login and Logout from Teams Client(s)
• Service Logins and Sessions

Object/File Access Events
• File Creation/Access/Upload/Deletion
• File rename/modification/movement/restoration
• File Copy/Checking in and out

Process Tracking events
• Setting Store Changes – Client and Admin Portals
• Additions of Connectors or Bots
• Editing of Posted Chat messages

Account Management events
• User Roles/Permissions setting/editing
• Teams Enablement or License assignment events
• Group/Team/Channel Creation and Deletion and member updates

Page 33:

Manage internal risks: Enforce communication policies

Page 34:

Organizations face a broad range of risks from insiders

• Data spillage
• Confidentiality violations
• IP theft
• Workplace violence
• Regulatory compliance violations
• Fraud
• Policy violations
• Insider trading
• Conflicts of interest
• Leaks of sensitive data
• Security violations
• Workplace harassment

Page 35:

Information Barrier (IB)/Ethical wall in Teams

• Quarantine information
• Restrict information sharing
• Control flow of information

Page 36:

Information Barrier in Teams

Page 37:

Info Barrier policies in Security & Compliance Center

Page 38:

Meetings between segmented users

Page 39:

Supervision in Teams

• Risk Management: Identify and manage legal and corporate risk
• Regulatory Compliance: SEC, FINRA require communications oversight
• Corporate Policies: Employees must comply with ethical and other corporate standards

Page 40:

Supervise Teams content – channels & chats

Page 41:

Supervision – specify conditions

Page 42:

Teams events as part of M365 Audit

• Get visibility into changes to policies, groups
• Need investigation capability around breaches
• Gain visibility into changes to org compliance policies
• Need to know who accessed what, when & how

Page 43:

Audit logs in Teams

Page 44:

Audit of users who are added

Page 46:

MCAS + Teams

Page 47:

Alerts for external users added to Team

Page 48:

Office 365 Advanced Threat Protection: Protect against sophisticated threats and automatically investigate and remediate attacks

Actionable insights

Automated response

Industry-leading protection

Training & awareness

Page 49:

ATP Safe links in Teams (roadmap)

Page 50:

Advanced Threat Protection – Safe Attachments

Page 51:

O365 ATP Safe links
