Get best of the week

Information Security Fundamentals at Microsoft Teams



Microsoft Teams is the cornerstone of the Office 365 portfolio. It is designed to connect other products together, helping users work together and providing several types of communication (including between Microsoft cloud products) in a single interface.

In this article, we will describe Teams, talk about the basic functionality and explain how you can secure access and protect organization data, leaving users with all the possibilities of using the collaboration platform.

More on this topic can be found in the joint publication of Microsoft and Varonis - the eBook «Cybersecurity from the Inside Out»

a higher-level statement:
  • Teams – Office 365 (, , – , , , Microsoft);
  • Microsoft Teams Office 365, Teams ;
  • Varonis Teams, Azure AD, SharePoint Online, Exchange Online OneDrive - , , , , , . .

Microsoft Teams




Before we look at usage scenarios, there are a few Teams tweaks to be aware of. When you create a new “team” in Teams, the corresponding SharePoint Online site, OneDrive section, and Azure AD security groups are also created. Thus, you can take Teams as a kind of external interface for all these systems behind him in Office 365. It will also help to understand how to use Teams as such an interface.

What the Teams client allows you to do:
  • To organize interaction between employees, with support for all the functions of modern messengers, and use the entire functionality of the collaboration platform;
  • Easily transfer and edit documents and calendars;
  • Switch between voice, text and video communication in the Teams interface;
  • Salesforce, SuccessFactors, Zendesk, Mailchimp, Evernote ;
  • , .



For example, our Marketing team contains the channels General, Budget, Inbound, Not Work, and Reading List. Users can hide channels they don’t want to see on the list. You can allow users to create new channels within the team, as we did with the Not Work channel.

Each channel has its own interaction history. You can use @% username% to allocate an entry for a specific user, and then Teams uses the built-in Windows notification system to display pop-up alerts if they are needed.

Each channel also has tabs:



Posts, where you can see the history of correspondence, Files - the SharePoint site, and you can also add your own:



New tabs can make Teams the central communications hub for the entire organization. You can connect SalesForce, SuccessFactors, Zendesk, and other more than 180 services currently available for integration.

Files on the Files tab are automatically available to all team members. Otherwise, this display works like any other folder in a Windows environment. You can create links to these files in this interface, based on the rules of your organization for providing access.



If you click on the file, the editing interface will open directly in the Teams window. You can also open the file in the appropriate editor, in this case, in Word.

The Chat option on the left allows you to go to group chats or to one-on-one correspondence:



In this display, you can chat, make audio and video calls or show your screen, as well as add other people to the chat, share files within the resulting group through the Files tab. All this almost completely repeats the functionality of Skype for Business, and prepares users to switch from it in the future.

Installing
Teams requires Microsoft UZ and an Office 365 license. However, Microsoft added guest access to Teams in November 2019. Now Teams users with Enterprise licenses can invite external users to their channels.

You can install Teams on many devices with supported platforms - for example, Windows, MacOS, iOS, Android, Linux distributions that support RPM or DEB packages.

For corporate customers who need to distribute Teams across all user devices of the organization, Microsoft has prepared the appropriate instructions .

What is Teams collaboration concept?

In general, Teams works the same on all platforms. The following 5 sections are used to navigate the interface, display messages and appointments:

  • Activity - displays messages from all connected channels. The most recent and unread - located at the top and in bold;
  • Chat - here are all the dialogs and group chat conversations;
  • Teams - here you can see all the connected channels, and click the mouse to go to the necessary one;
  • Calendar - if integration with Outlook Calendar is enabled,
    your calendar will be presented here ;
  • Calls — .

Microsoft Teams


Of course, such a platform increases the risks of data leakage. For example, here is a scenario: users make the most out of Teams, which is great. They create new cross-functional teams and share documents with each other, which, in general, helps them do their job perfectly. They invite guest users to join channels to discuss work tasks, and create links to documents so that anyone who needs them can access them when necessary.

On the one hand, it sounds great.

On the other hand, and especially for information security experts, this is an incredible amount of new and unorganized risk to which you consciously expose your network and data.

Microsoft Teams - Pros and Cons


  • PROS: Easy to deploy and customize Office 365 customers
  • : Azure AD
  • : Office 365
  • :

  • : Microsoft
  • : ( – , )
  • : Office 365 , ,
  • :



We at Varonis have deployed Office 365 and Teams. Our data security strategy is based on activity monitoring and threat analysis using our own solutions .

Ongoing monitoring and analysis of what is happening in Teams and Office 365 is the best choice to ensure that no fraud occurs that puts the data at risk.

Microsoft Security Best Practices


Are common
  • Create additional channels in Teams for direct interactions
  • Allow users to create new teams, but maintain observability and quickly correct incorrectly granted access
  • Benefit from integrating Teams with other software and services
  • Use chatbots to notify about events and tasks
  • Use PowerShell to Manage Teams






Microsoft Teams


: Teams ?


A: Yes and at the same time - no. Microsoft has offered Guest access to Teams, so technically you can invite people from outside your organization to chat within your channels.
However, due to the fact that this was done recently, it is still difficult to say how well it will work in practice. After some time, we can already say that the functionality similar to Skype for Business works identically.

Q: How to prevent Microsoft Teams autorun?


A: In the Settings menu, uncheck “Auto-Start application”



Q: How to use Microsoft Team Meeting?


A: You can start a private meeting or schedule a meeting from the Calendar tab in Teams. This functionality repeats that in Skype for Business. The end of the life cycle of Skype for Business software is scheduled for 2021, and this functionality, like all the other duplicates in both clients, will go completely to Teams.



For technical information on Teams and Office 365 security, we suggest you study an English-language training course lasting 1 hour from one of the recognized authorities in the field of SharePoint, Office 365 and hybrid solutions, as well as managing them using PowerShell: Office 365 Sharing Security Audit .

More articles:


All Articles