The 10 key best practices in Microsoft Teams Governance

1.  Define who is allowed to create teams 

Appropriate permissions are important for governance. This allows you to prevent uncontrolled growth in your Teams platform. If permissions have not been restricted, every user normally has permission to create Microsoft Teams workspaces and can therefore invite new members as the owner without any restrictions.  

However, restricting too many users quickly leads to a high work load in the IT department. This in turn results in a reduction of user acceptance, because of the associated long waiting periods when creating teams.  

To strike a balance here, users/user groups should be authorized to create teams. For this purpose, devise a policy of when and for which business reasons new teams may be created and determine who should be responsible for doing so. 

When setting up teams, it is recommended that there be at least 2 team owners. This way you can make sure that in case of a substitution arrangement one owner is always present to invite new members, thus avoiding an interruption in the work flow of the team. 

2.Team owners should not be site collection administrators 

Each Microsoft Teams group comes with its own SharePoint Site Collection, which is created in the background. By adding someone as an owner in a Teams workspace, the user is automatically assigned Site Collection administration rights on the associated SharePoint Site Collection. Therefore, it may come as a surprise to IT administrators that Teams owners are also given Site Collection Admin permissions.  

The SharePoint Site Collection Administrator has the highest privilege level to manage the SharePoint site. This comes with control over all settings that can be managed in the web interface. He can also add additional Site Collection Admins. Even though the Site Collection Administrator is not a full system administrator role and this permission does not carry over to other Site Collections, you should choose owners wisely.

A best practice here has proven to be Teams creation with a service user, where no end user is given SharePoint Site Collection Administrator rights. This allows you to maintain better control over the SharePoint Site Collection sharing settings - including later archiving and deletion processes.

 3. Working with channels and apps for an enhanced overview 

An excess of workspaces can make it difficult for employees to collaborate and slow down management of the internal IT department. When faced with this problem, you should work with channels/channels to structure the workspace into appropriate sub-items. In contrast, too few teams can lead to topic overload and compromise clarity and findability..  

When creating a new team, it can be tempting to file everything in the General channel and create new tabs for each need. But this can quickly cause confusion and clutter, making it harder to find anything.  

The General channel should rather be seen as a landing page or a hub for interactions between team members. For new subject areas within the team, new channels are preferable to enable better differentiation between subjects for all users. It also makes it easier to store documents and other files in a more orderly fashion and find them later.

Link apps or websites into individual channels of your teams. This increases your productivity and simplifies access to external apps and sites. Additionally, this allows you to include Microsoft Planner and OneNote.

Microsoft Planner, for example, is a task management tool which provides a great way to track tasks and record them without much effort. According to the team settings, you can create lists, ensuring that each team member has access to the same list. This provides you with optimal governance in this area.

4. Use approval processes to prevent chaos

When provisioning Teams, it is useful to link them to an approval process. This permits the tracking of the topics for which teams are required. The Microsoft standard does not allow for an automated approval process.

For example, by linking the creation of a team to an approval process, authorized users are given permission to review requests for teams and create them, depending on the department. 

In this case, the people in charge bring the appropriate expertise to the table and can decide whether the teams creation is necessary or not. This helps to better prevent duplication and proliferation of teams spaces. This shifts the burden of approvals to the individual departments and improves your governance process when creating new collaboration spaces.

Approval processes are not always necessary. Identify the appropriate processes and put them in place. While you're at it, keep an eye on your team spaces and check that governance and compliance rules are being followed.

5. Choose between dynamic memberships and automation 

Even with multiple team owners, managing teams can take up a lot of time and negatively impact your governance. On the other hand, you don't want your users getting a free entry into all teams. 

With dynamic memberships, you can define membership in Teams through various rules. Specific user attributes can then be checked in Azure Active Directory. For example, all users from the Sales Department are then assigned to the Sales Team.

The disadvantage is that you can define the team members by rules, but not the team owners. Furthermore, members cannot be added manually afterwards, because the memberships are defined via the dynamic group rules.

Furthermore, users are indiscriminately added to or removed from teams without prior notice. Therefore, users are bound to suddenly lose access to certain documentes. And an outdated ticket system is definitely not a viable option. 

So if you want full freedom in choosing users and owners of your teams without sacrificing automation, or if you don't have sufficient capacity, you should definitely consider an MS Teams Governance solution. This will allow you to determine individual processes and define how, when and by whom your users are added to the teams in an automated way.

By additionally linking your security and compliance policies with automation processes, you relieve your IT department and ensure a user-friendly operation of the Microsoft Teams platform for all users.

6. Standardize your teams 

To ensure that all employees can quickly find their way around Microsoft Teams and do not have to adjust when working on different projects, standardization of teams is a great advantage.

It has proven to be a best practice here to create multiple templates for different areas to further enhance your governance. Experience shows that templates for categories such as departments, projects, and public community teams have been found to be the most appropriate.

Design team channels, tabs and a logical folder structure for the different areas, so all users can find their way around each team without much effort or training. Also, deploy apps like OneNote and Planner up front that might be important for your users to collaborate with. Otherwise, users might get the idea to create them themselves, which poses the risk of linking personal OneNotes or apps that may not be desirable.

Manually standardizing the Microsoft Teams environment can be very time-consuming, depending on the number of teams. In terms of fundamentally relieving the burden on your internal IT department, you should consider automating this investment process. There are various solutions for this on the market.

Using a Microsoft Teams add-on, you can have your teams automatically provisioned with predefined templates. Your users then make requests with the appropriate templates and have them approved by selected reviewers. Your IT department simply determines which users should have access to which templates and what the approval process behind automated Teams provisioning should be.

7. Tagging of documents  

Do you want your employees to find more and search less? Then document management is another topic you should consider to ensure perfect governance.  

The more digitalisation takes place in the company, the more electronic documents are stored. This has the positive effect that all users have access to relevant data from everywhere. However, documents are often stored in the wrong place or not correctly labelled, which means that they cannot be found or are not clearly identifiable.  

This challenge can be overcome with appropriate document tagging. It enables simplified searching and allows for successful searches. The Microsoft standard offers merely insufficient possibilities in this respect, because it neither offers the option of keywording documents nor of entering additional metadata.

The solution is automated keywording and integration with SharePoint Syntax. AI-based document analytics and metadata extraction also enable delivery to Microsoft Teams, significantly improving the search experience. Build a clean information architecture for improved enterprise search and enable your employees to find their way faster and work more effectively.

Automated governance solutions sometimes offer automatic document indexing as soon as documents are stored within a team. In addition, the given functionalities can be used to map search portals for the companies.

8. Defining URL and naming conventions 

Improve the findability and structuring of your Microsoft Teams workspaces with the help of naming conventions. You can provide additional standardization by giving teams prefixes based on different characteristics. For example, all project-related teams can start with "Project".

You can further differentiate by defining an abbreviation for different departments or for different locations, for example. Make sure that the naming conventions do not become too long and keep a record of the abbreviations you use.

With various MS Teams add-ons, you can automatically set URL and naming conventions depending on predefined templates. In addition, you can extend the naming of your teams using metadata. In this case, the user does not have to take action, but can have the standardization done by the tool.

9. Lifecycle management: Archive inactive teams

Enhance your Microsoft Teams governance by identifying and archiving inactive or irrelevant teams. In the Microsoft Standard, you can manually archive teams as team owners. The team can still be found by the users and the documents are set to "read-only" status for all members. Only the owner of the team can restore the editable status should it be needed again. This means that the owner can still make changes to documents.

So carefully consider which properties and which state a team must have in order to be archived or deleted. For example, if a customer project is successfully completed, the associated team can be archived. 

This archiving process represents a major time commitment for the IT department. However, handing off this responsibility to other users is often not a satisfactory solution. Deploy an automation solution and use metadata to trigger business processes to identify inactive teams or completed projects without wasting time and effort.

10. Managing external users

If you want to share and collaborate with your partners and customers, you don't need to create new accounts for that. External users can be invited directly to your teams and quickly and easily added to the teams by inviting other users. However, very often external users are not removed after they are no longer supposed to participate in the workspaces.

It often happens that external users are simply neglected after they have been given access to the teams. Their access then remains, not rarely until the end of the team's lifecycle. Until they are removed, they can access all the team's stored documents.

This poses a major security risk, especially if the NDAs concluded with external users lose their validity and have to be concluded anew. Once external users with invalid NDAs are within the teams, this can pose a risk to legal security.

The standard Guest Access feature of Microsoft Teams does not provide control over which external users can be invited to the teams. This creates the risk of unwanted users gaining access to the teams and the data they contain.

To improve the management of external users in your company, you should define a routine in which you regularly check the authorization of external users and make adjustments if necessary. This can be simplified by automation, which allows for automatic removal of users and prevents unauthorized access after a certain period of time has elapsed.