1. Define who is allowed to create teams
Appropriate permissions are important for governance. This allows you to prevent uncontrolled growth in your Teams platform. If the permissions have not been restricted in advance, every user normally has permission to create Microsoft Teams workspaces and can therefore invite new members as the owner without any restrictions.
However, if you restrict too many users here, then all the work will pile up in the IT department. This leads to a reduction in user acceptance, because as a result there are long waiting times when creating teams.
To create a balance here, users/user groups should be authorised to create teams accordingly. For this purpose, create a concept of when and for which business reasons new teams may be created and which persons are responsible for this.
When setting up teams, it should also be noted that at least 2 team owners are defined. This way you can ensure that in the course of a substitution arrangement one owner is always present to be able to invite new members and thus the work flow of the team is not interrupted.
2.Team owners should not be site collection administrators
Each Microsoft Teams group contains a standalone SharePoint Site Collection in the background. As soon as you add someone as an owner in a Teams workspace, the user automatically receives Site Collection administration rights on the associated SharePoint Site Collection. Therefore, it may come as a surprise to IT administrators that Teams owners are also given Site Collection Admin permissions.
The SharePoint Site Collection Administrator has the highest permission to manage the SharePoint site and therefore gets control over all settings that can be managed in the web interface. In addition, this person can also add other Site Collection Admins. Even though the Site Collection Administrator is not a full system administrator role and this permission is not transferred to other Site Collections, you should still choose the owners wisely.
One of our best practices for the topic is to perform the teams creation with a Service User so that no end user is given SharePoint Site Collection Administrator rights. This gives you better control over the sharing settings of the SharePoint Site Collection and also for later archiving and deletion processes.
3. Work with channels and apps for greater oversight
Many workspaces can make it difficult for staff to collaborate and also slow down the management of the internal IT department. Here you should work with channels/channels to structure the workspace into appropriate sub-items. In contrast, too few teams can lead to an overcrowding of topics and limit clarity and findability.
When you create a new team, it can be tempting to file everything in the General channel and create new tabs for each need. But this can quickly create confusion and clutter, making it harder to find anything.
The General channel should be seen more as a landing page or a hub for interactions between team members. Therefore, for new topics within the team, you should also add new channels to make it easier for all users to distinguish between topics. In addition, this allows documents and other files to be stored in a more orderly manner and then also easier to find.
Link apps or websites into individual channels of your teams. This increases your productivity and simplifies access to external apps and sites. This additionally enables direct use of Microsoft Planner and OneNote.
Microsoft Planner, for example, as a task management tool, offers a good way to track tasks and then enter them without much effort. This way, task lists can be created depending on the team and you can be sure that every team member has access to the same list and secure governance in this area.
4. Use approval processes to prevent chaos
When deploying teams, it is advantageous to link them to an approval process in order to be able to track for which topics teams are needed. It is not possible to map an automated approval process through the Microsoft standard.
Authorised users then receive, for example, depending on the department, the authorisation to check requests for Teams and to create them.
In this case, the responsible persons bring the appropriate expertise with them and can thus decide whether the teams creation is necessary or not. In this way, duplicates and uncontrolled growth of teams can be better prevented. This transfers the burden of approvals to the individual departments and improves your governance process when creating new collaboration spaces.
Approval processes are not always necessary. Identify the processes where it is needed and use it there. However, always keep an eye on your team spaces and check that governance and compliance rules are being followed.
5. Decide between dynamic memberships and automation
Even with multiple team owners, managing teams can take a lot of time and negatively impact your governance. Additionally, you don't want to risk your users getting a free entry into all teams.
With dynamic memberships, you can define a team's membership through various rules. In the Azure Active Directory, certain user attributes can then be checked, so all users from the Sales Department, for example, are then assigned to the Sales Team.
The disadvantage is that you can define the team members through rules, but not the team owners. In addition, members cannot be added manually afterwards, as the memberships are defined via the dynamic group rules.
Furthermore, users are added to or removed from teams without warning. So it can quickly happen that users suddenly lose access to certain documents. And an outdated ticket system is out of the question as a solution.
So if you want full freedom in choosing users and owners of your teams and still don't want to do without automation, or if you don't have enough capacity, you should definitely go for an MS Teams Governance solution. This allows you to determine individual processes, how, when and by whom your users are automatically added to the teams.
By also linking your security and compliance policies with automation processes, you relieve your IT department and create a user-friendly operation of the Microsoft Teams platform for all users.
6. Standardise your teams
To ensure that all employees can quickly find their way around Microsoft Teams and do not have to restructure themselves when working on different projects, standardising the teams is a great advantage.
Our best practice here is to prepare multiple templates for areas such as departments, projects and public community teams to further increase your governance.
Design team channels, tabs and a logical folder structure for the different areas, so all users can find their way around each team without much effort or training. Also make apps available in advance that could be important for the collaboration of your users, such as OneNote and Planner before users get the idea of creating them themselves. There is a risk here that personal OneNotes or possibly also undesirable apps will be linked.
Manually standardising the Microsoft Teams environment can be very time-consuming, depending on the number of teams. To relieve the internal IT department, you should consider automating this creation process. There are various solutions for this on the market.
With such a Microsoft Teams add-on, you can have your teams automatically provisioned with predefined templates. Your users then make requests with these templates and have them approved by selected approvers. Your IT then only decides which users get access to which templates and how the approval process behind the automated provision of the teams should look like.
7. Tagging of documents
Do you want your employees to find more and search less? Then document management is another topic you should consider to ensure perfect governance.
The more digitalisation takes place in the company, the more electronic documents are stored. This has the positive effect that all users have access to relevant data from everywhere. However, documents are often stored in the wrong place or not correctly labelled, which means that they cannot be found or are not clearly identifiable.
With appropriate document indexing, this challenge can also be overcome, thus enabling simplified searching and successful search results. Unfortunately, you are confronted with a limitation by the Microsoft standard features, because these do not offer any keywording of documents and also no possibility to add additional metadata.
The key here is automated keywording and integration with SharePoint Syntax. AI-based document analysis and metadata extraction also enables deployment in Microsoft Teams, significantly improving the search experience. Build a clean information architecture for improved enterprise search and enable your employees to find their way around faster and work more effectively.
Automated governance solutions sometimes offer automatic document tagging as soon as documents are filed within a team. In addition, the given functionalities can be used to create search portals for the enterprise.
8. Define Url- & naming conventions
Improve the findability and structuring of your Microsoft Teams workspaces with the help of naming conventions. You can provide additional standardisation by giving the teams prefixes that are based on different characteristics. For example, all project-related teams can begin with "Project".
An additional abbreviation for different departments or for different locations, for example, can help to subdivide further. Be careful not to make the naming conventions too long and keep a legend of the abbreviations used.
With various MS Teams add-ons, you can automatically define original and naming conventions according to predefined templates. In addition, you can extend the naming of your teams with the help of metadata. Here, the user does not have to act on his own and the solution takes over the standardisation.
9. Lifecycle management: Archive inactive teams
Enhance your Microsoft Teams governance by identifying and archiving inactive or irrelevant teams. In the Microsoft Standard, you can manually archive teams as a team owner. The team is still discoverable by users and documents are read-only for all members except the owner. The owner of the team can also restore it if it is needed again. This means that the owner can still make changes to documents.
So think about which properties and which state a team must reach in order to be archived or even deleted. For example, if a customer project is successfully completed, the associated team can be archived.
This archiving process again represents a major time commitment for the IT department. However, handing over this responsibility to other users is often not the appropriate solution. Consider using an automation solution and triggering business processes using metadata to identify inactive teams or completed projects without wasting time and effort.
10. Manage external users
If you want to exchange and collaborate with your partners and customers, you do not have to set up new accounts for this purpose, but can invite external users directly into your teams. These are added to the teams quickly and easily with the help of invitations from other users. However, external users are usually not removed after they are no longer supposed to participate in the workspaces.
Often external users are simply neglected after they gain access to the teams and persist, quite often until the end of the lifecycle in the teams. So until they are finally removed, you have access to all the team's stored documents .
This poses a great security risk, especially if the NDA contracts concluded with external users lose their validity and have to be concluded anew. As soon as external users with invalid NDA contracts are within the teams, this can pose an additional threat to the legal foundations.
Using the standard Guest Access feature of Microsoft Teams, no control is offered as to which external users may be invited into the teams. This creates a risk of unwanted users gaining access to Teams and the data it contains.
To improve the management of external users in your company, you should define a routine in which you regularly check the authorisation of external users and adjust it if necessary. This can be simplified by automation, which automatically removes users and prevents unauthorised access after a certain period of time has elapsed.
When implementing Microsoft Teams, it is important to plan and conceptualise ahead. Carefully consider the types of users in your organisation and what requirements you may face.
When setting up your Teams platform, consider the structure of the Teams rooms and keep an eye on clarity in order to create the perfect collaboration platform for each user.
Ensure that you have the right authorisation structure to reduce the burden on your internal IT. It is important to find the right balance between user freedom and IT control. Too much freedom makes for confusion and wild rushing, too much control makes for steadily decreasing user acceptance.
If governance and compliance are then also not sufficiently fulfilled, the use of a 3rd party solution can make sense.
In addition, Microsoft offers many features as standard, which are enhanced by 3rd party solutions due to the complex requirements in the company. The solution does not have to be developed in-house.
If Microsoft Teams is already in use at your company and does not achieve the desired acceptance among your users, you should definitely opt for an automation solution for your governance.