Skip to main content
green dots

8 Microsoft Teams Governance Best Practices

As you roll out more users, have more meetings, and create more teams, you can find yourself overwhelmed with Microsoft Teams. To avoid this, it’s important to know you’re working in line with Microsoft Teams governance best practices. 

Microsoft boasts over 115m daily active users but doesn’t document how many have a dedicated governance plan. 

Failure to define and adhere to Microsoft Teams governance best practices leads to gaps in your security and compliance policies, time-consuming administration and management, and confusion among users as to what they can and can’t do. 

Before we jump into some best practices for Microsoft Teams governance, let’s first ensure we understand exactly what we’re talking about.

What is Microsoft Teams governance?

By Microsoft Teams governance, we mean how you manage users’ access and data in compliance with your business standards, and ensure the security of your data.  

Settings and policies widen out into Microsoft 365 governance as Teams integrates Office 365 Groups, OneDrive, SharePoint, and other Microsoft 365 services. 

Microsoft Teams governance is key to the day-to-day management and usability of Teams.  

By having defined governance principles, you ensure your business has a set way of using Teams that is communicated and expected from everyone. 

For example, users won’t create duplicate teams and channels if they know the set criteria for creation.  

When they do create a channel, they will use a specific naming convention so that channel doesn’t confuse other users as to the purpose of the channel.  

When users move from team to team and project to project, this can be a real time saver. 

It might be using a CRM project ID in a team name or using the correct legal customer name for a customer team.  

You could also use suffixes like {EXT] for teams with external guests. It might just be a common standard for of name for each channel, like “Proposals”. 

If you have five “Global Technology” teams across the world, but they work on separate projects, using the country before the team makes it clear to other teams which is the team they should be working in. 

But it’s more than just naming.  

It’s about ownership, and rules around what data can be kept in teams, external guest access, retention, archiving, and deletion.  

Teams must have lifecycle management. 

Blog image 1

Now that we’re clear on what we mean by Microsoft Teams governance, let’s jump into the best practices.

  1. Decide who can create teams
  2. Decide who can grant guest access
  3. Create (and communicate) a naming scheme for teams and channels
  4. Manage third-party app availability
  5. Know what happens when you delete and archive content
  6. Document when to have public teams and when to have private teams
  7. Standard vs private channels in Teams
  8. Automate governance where possible

Microsoft Teams governance best practice #1: Decide who can create teams

Do you want to allow everyone to create a team?

If everybody can create a team, there’s a delay for your users. When a new team is needed, any user can create one.

But what happens if creation is not managed? You end up with duplicate teams, teams that serve no purpose, and a heap of empty SharePoint sites on your back end.

So, you might think about restricting creation rights completely.

To do this in Teams, you need to remove the ability to create any Office 365 groups.

This will remedy the above issues but causes a new problem with your users who have a genuine need for team creation.

If they can’t create a team, those users may move to shadow IT.

When a user can’t do what they want immediately, it might be easier for them to use another app like Dropbox for file sharing or Slack for messaging.

If these are not your organisation's tools of choice, there is a risk they are not compliant when it comes to things like GDPR and ISO accreditations.

There are options here. You can:

  • Block all users from creating teams: use an external tool like a ServiceNow form or Microsoft form, have IT create the teams.
  • Allow all users to create teams: make sure you manage those teams after creation to ensure they meet organisational policies.
  • Enable users to create teams directly: but in a controlled way, through a third-party app like CreateTeam.
     

With one of our latest customers, they choose to allow users to create teams, but control it tightly with predetermined templates and naming conventions through CreateTeam.


Microsoft Teams governance best practice #2: Decide who can grant guest access

Teams allows external guests to join and directly access the team, chat, files, and apps.

With guest access, there is an easy on-off decision to make.

Are you going to allow all your users/teams to add guests from other organisations?

By default, Microsoft now enables all users to invite a guest to join their team.

You can control this at a global level in Active Directory or the Teams Admin Center.

Blog image 2

Or you can control this on a team-by-team basis with sensitivity labels.


Microsoft Teams governance best practice #3: Create (and communicate) a naming scheme for teams and channels

When you set up your first batch of channels in Teams, everything will look neat and tidy.

This could lure you into a false sense of security that this is the way it will always be.

In reality, if you let every different user in your business choose their own naming convention, they will express their individuality.

And while personality is important in business communication, inconsistency in channel names leads to confusion, untidiness, and reduced productivity.

If you’re a small team, generic terms are fine as they are less likely to get re-used and the number of teams and channels you’re in is small.

Image 3

But, when a business grows, or is already of a certain size, using team names like Marketing could mean any one of nine marketing teams.

Martin Perry, Owner of Redwing Training – a Microsoft Teams training company, says he always emphasises the importance of team and channel naming conventions.

“Just as important are the team and channel descriptions.”

Names must be clear, concise, and easy to understand.

Descriptions must also be included – especially in large organisations whose name have similar-sounding teams and channels (like accounts and accounts payable).

Again, these must be clear and concise.

There is no standard naming convention for Microsoft Teams channels so it’s important you direct this for your business.

You might want to adopt your file saving conventions to match historic SharePoint sites. The more intricate side of naming conventions is on the SharePoint side.

Whatever you decide on, make sure your naming conventions are clear and it is communicated that they are not optional.


Microsoft Teams governance best practice #4: Manage third-party app availability

Once your internal and external usage policies are set, think about the third-party apps you use (or may one day use) in Teams.

Third-party apps are any apps you use in conjunction with Microsoft Teams – and perhaps even from within Microsoft Teams.

The benefit of allowing your teams to install their own apps is that they can access their day-to-day apps without raising a ticket each time.

The disadvantage is they have access to install any third-party app.

It’s important to decide and communicate whether users will have access to these or whether they must request access each time they need a new app.

If you have the chance to, ensure your requirements gathering sessions with department heads include discovery of which apps everyone needs access to ahead of deployment.

Microsoft Teams has over 600 third-party apps published in its app store.

Image 4

Third-party apps include the likes of:

  • Trello
  • Zoom
  • Webex
  • Freehand
  • RingCentral
  • Cacoo
  • Lucidchart
  • Mural
  • Wrike
  • Givitas
  • And over 500 more

You can control which third-party apps can be used in your organisation in the Manage apps page in the Teams Admin Center.

Image 5

Scroll to Third party apps and toggle on or off.

You can also allow newly published apps by default or turn off to manage on a one-by-one basis.


Microsoft Teams governance best practice #5: Know what happens when you delete and archive content

When you remove content from Teams, where does it go?

For the everyday user, out of sight is out of my mind.

For the Teams administrator, knowing what has happened to your archived or deleted content is crucial for Teams governance.

When a user clicks delete content, it gets removed from the Teams channel.

Image 6

It is also removed from the underlying SharePoint site.

Image 7

Deleting teams in Microsoft Teams

If you delete the entire team, activity and content (files, chats, etc) are all deleted and cannot be recovered later unless you have access to the Microsoft 365 group that's associated with the team.

Deleting a team deletes the channels associated with it and the underlying SharePoint site too.

The alternative to deleting an entire team is to archive it.

You should archive teams (and content) if there if it likely you will need to use the team again.

To delete a team, open the Teams Admin Center.

  • Choose Teams
  • Select the team name you wish to delete
  • Click Delete
  • Click Delete again to confirm

Archiving teams in Microsoft Teams.

When you archive a team, activity is frozen but you can still make administrative changes like adding or removing members.

To archive a team, open the Teams Admin Center.

  • Choose Teams
  • Select the team name you wish to archive
  • Click Archive
  • Click Archive again to confirm

When you need to make an archived team active again, repeat the process above and choose Unarchive.


Microsoft Teams governance best practice #6 Document when to have public teams and when to have private teams

Image 9

In Microsoft Teams there are three types of team: Public and Private, and Org-wide.

Public means anyone in the organisation (tenant) can join the team at any time without any approval. They are discoverable to all users.

Private means owners of the team must admit new members. They are hidden from discovery.

Org-wide is a special type of team that automatically adds everyone in the organisation organization to be a part of a single team for collaboration. You can make more than one Org-wide team should you want to.

Usually, you will want private teams to control who has access to information, in line with the general best practice of minimum access to data/least privilege.

Public teams are useful for more company-wide or causal topics.

Can you change a Microsoft Teams channel from private to public?

To change a team from private to public (or vice versa), click by the team name and choose More options.

Choose Edit team > Privacy > Public or Private.

Don’t forget to save your changes.


Microsoft Teams governance best practice #7 Standard vs private channels in Teams

Image 10

The difference between a public and private channel is quite simple.

A standard channel is available for any member of the team to see. Team members have access to files, messages, and meetings within the channel.

A private channel is only open to specified members. You will need an invite from channel owner.

Once you have joined a private channel, you can access all its content.

Consider how extensively you want to use private channels.

When to use public vs private channels in Teams

Keep the difference simple:

  • Use private channels for private conversations and teamwork – like HR management, any work being worked on under Non-Disclosure Agreement (NDA), or anything that should not be seen by your wider organisation.
  • Use standard channels for teams which need (or might one day need) members from your wider teams to view or input, or if you might need to link to content stored within a team.

For example, if your board is working on the acquisition of another company, you don’t want everyone in your business to access the day-to-day activities of the process.


Microsoft Teams governance best practice #8: Automate governance where possible

Helping your users keep with Teams governance best practices can be challenging.

With Teamwork Analytics, you can use automation to target, prompt, and guide your users to ensure best practice.

Automations can send adaptive card notifications to users directly in Teams.

Examples include:

  • Minimum 2 owners per team
  • Remind Teams owners of guests
  • Notify owners of inactive teams to delete/archive
  • Notify owners or members of a deleted team

Automation is not limited to governance. It can also be used to drive user adoption and to help users improve their calling and meeting experience.

For a free 30-day trial of Teamwork Analytics, sign up here.