The massive shift to remote work in recent months has prompted many organizations to turn to collaborative solutions. Among them is Microsoft Teams, the remote work application that facilitates collaboration between teams. In fact, the firm has seen its number of active users jump (+12 million) since the start of the COVID-19 crisis!
Microsoft Teams is offered with most Microsoft 365 plans (formerly Office 365). And just like Microsoft 365, a good understanding and configuration of the application is essential to prevent data leakage, whether accidental or not.
Microsoft Teams facilitates data exchange and sharing, but at what cost?
Meeting remotely, communicating easily by chat or videoconference across several discussion channels, sharing files internally and externally, collaborating on a document from anywhere: these are advantages that many employees have discovered while working remotely through collaborative platforms such as Microsoft Teams.
The problem is that by increasing exchanges and sharing of information, these tools can expose companies to new risks: data leaks, introduction of malware, intrusions, etc.
In addition, behind Microsoft Teams we find, among others, OneDrive and SharePoint. That said, employees may perceive the solution as simply a new interface, one that allows information to be disseminated, in particular through discussion groups that can include people external to the company.
It is therefore important to control this dissemination!
7 essential rules to secure Microsoft Teams and reduce the risk of data leakage
1. Manage your groups and memberships
Define who has access to what, and how users can join the groups they are authorized to join. For example, when new employees join the company, they can be added to certain groups containing the data they need, based on an attribute in Azure Active Directory.
Good configuration is also necessary for guests from outside your company (customers, suppliers, partners), restricting their access to maintain the necessary confidentiality.
2. Manage the life cycle of groups
How will a group be created and by whom? What will be the life cycle of the group? Is an expiry rule needed? When does the group start and end? Can any of these events be automated? Do you want automatic archiving for the group?
Thinking about how users will actually use a group will help you ask the right questions.
3. Regularly check guest users
The number of external users that can be activated depends on the Azure Active Directory license level. Their number is therefore limited.
It is therefore recommended that you check back regularly to monitor how many guest accounts have been created, disable older ones, and perhaps detect anomalies.
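The periodic guest review described in this rule can be automated. The Python below is an added example, not part of the original article and not Microsoft's code: it flags enabled guest accounts that are inactive, have never signed in, or never accepted their invitation. The field names follow the Microsoft Graph user resource; the sample records, the function name `review_guests` and the 90-day and 30-day thresholds are assumptions made for illustration.

```python
from datetime import datetime, timedelta, timezone

# Constructed sample records, shaped like Microsoft Graph guest user objects
# (userType eq 'Guest', with signInActivity selected). Not real accounts.
SAMPLE_GUESTS = [
    {"mail": "alice@partner.example", "createdDateTime": "2023-01-10T09:00:00Z",
     "accountEnabled": True, "externalUserState": "Accepted",
     "signInActivity": {"lastSignInDateTime": "2024-01-15T00:00:00Z"}},
    {"mail": "bob@supplier.example", "createdDateTime": "2024-02-01T09:00:00Z",
     "accountEnabled": True, "externalUserState": "Accepted",
     "signInActivity": {"lastSignInDateTime": "2024-05-20T10:00:00Z"}},
    {"mail": "carol@customer.example", "createdDateTime": "2024-03-01T00:00:00Z",
     "accountEnabled": True, "externalUserState": "PendingAcceptance"},
    {"mail": "dave@partner.example", "createdDateTime": "2022-06-01T00:00:00Z",
     "accountEnabled": False, "externalUserState": "Accepted"},
    {"mail": "erin@supplier.example", "createdDateTime": "2023-11-01T00:00:00Z",
     "accountEnabled": True, "externalUserState": "Accepted",
     "signInActivity": None},
]
SAMPLE_NOW = datetime(2024, 6, 1, tzinfo=timezone.utc)  # fixed review date

STALE_AFTER = timedelta(days=90)    # assumed inactivity threshold
PENDING_AFTER = timedelta(days=30)  # assumed limit for unaccepted invitations

def _ts(value):
    """Parse a Graph ISO 8601 timestamp; a missing value stays None."""
    return datetime.fromisoformat(value.replace("Z", "+00:00")) if value else None

def review_guests(guests, now):
    """Return {mail: finding} for enabled guests that are candidates to disable."""
    report = {}
    for g in guests:
        if not g.get("accountEnabled"):
            continue  # already disabled, nothing left to do
        created = _ts(g["createdDateTime"])
        last = _ts((g.get("signInActivity") or {}).get("lastSignInDateTime"))
        finding = None
        if g.get("externalUserState") == "PendingAcceptance":
            if now - created > PENDING_AFTER:
                finding = "invitation never accepted"
        elif last is None:
            if now - created > STALE_AFTER:
                finding = "never signed in"
        elif now - last > STALE_AFTER:
            finding = f"inactive for {(now - last).days} days"
        if finding:
            report[g["mail"]] = finding
    return report

if __name__ == "__main__":
    for mail, finding in review_guests(SAMPLE_GUESTS, SAMPLE_NOW).items():
        print(f"{mail}: {finding}")
```
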
4. Set up a multi-factor access control procedure (MFA)
This is one of the most effective ways to reduce the impact of identity theft. Indeed, MFA ensures that only legitimate users will be able to log in.
Also, did you know that you can receive an alert in case of a suspicious connection (from an unlisted device, from an unusual location or time…) thanks to Azure Sentinel, Microsoft’s SIEM solution?
5. Protect your resources
You can also take advantage of key Microsoft 365 features such as:
- Microsoft Azure Information Protection (AIP), which allows you to tag sensitive data and, based on the classification of your documents, restrict its sharing to authorized persons through access and data exchange policies.
- Advanced Threat Protection (ATP), which analyzes and blocks links and attachments that lead to malicious content.
6. Prevent downloading to uncontrolled devices
A document shared in a Teams discussion does not necessarily need to be downloaded by external participants, since the solution already offers editing directly from its interface.
This limits the number of desynchronized copies on devices, and with it the risk of data loss.
7. Analyze “guest” SharePoint shares
Continuous auditing of publicly shared documents should be part of good practice. To do this, you need to make the link between an invited user, the discussion channel they belong to, and the documents that have been shared with them. And you need to make sure that these do not include sensitive information that an external user should not have access to.
Collaboration platforms are effective tools for working and sharing company information internally and externally. But the performance of these solutions should not come at the expense of the security of your organization.
Need an audit of your Teams and Microsoft 365 environment? Contact us! Our cloud security experts will be able to assess the security configurations implemented and then assist you in the deployment of additional controls if necessary to help you protect your data.