Christmas has seemed to come around mega fast this year. It's three weeks today. Hopefully, you've already done your shopping by now and have a week or two off to enjoy the festivities. I had some time today to sit down and watch Elf with my son. This'll begin a marathon of Christmas movies which will include The Santa Clause, Miracle on 34th Street, Home Alone and my personal favorite It's a Wonderful Life. I'm also pretty sure we'll all see the time honored question-slash-poll go up on social - 'Is Die Hard a Christmas movie?' or gif's of John McClane - 'yippe ki yay mother...'. Of course, I hope it all goes well for you this year. One present which has arrived early for all us Microsoft Teams fans is End to End Encryption (E2EE). Announced at Ignite back in the spring, the public preview is finally here. However, before we suddenly break out the eggnog and get a bit rowdy on those calls we have to understand a few things right off the bat.
course updates. I am also back on the circuit courtesy of aMS Germany and Power Platform France. As always, thank you to the organisers for having me. Yet, despite all this good stuff I am also acutely aware that I haven't done any technical writing on the blog since the day before I got Covid - and as my good friend Vesku Nopanen released one today on the new Whiteboarding features in Teams, the situation demands I write. So where to start? Having effectively had two months off I can certainly say I am not in short supply of subject matter - but one that I thought I would start on since I am really interested in it is adaptive scopes for retention and label policies.
Last week I was in a bit of a funk. I just couldn't think of something to write about Teams. I mean, sure, at this point I've pretty much been writing about Teams weekly for over two years so it's probably not a surprise that the well runs dry occasionally. But there's also times where subject matter for blogs simply spring out of thin air. This was one. I was doing something like making my son's sandwich in the kitchen for lunch last Monday and there it was. You see the thing about me is I don't plan blogs. I don't have a list or an excel on my machine indexing what I am going to write about over the course of next few months. I'm much more clandestine and transactional. Basically I sit down and make something up on the spot, or if my memory is working as it should be take something I have thought about during the week and go with that. Sometimes it's easy. Sometimes I absolutely stitch myself up if the subject matter ends up being long. Overall? It kind of works out. So this week the thought was on Teams items in Secure Score. Secure Score is concerned with the measurement of an organization's security posture; a higher number indicating more improvement actions taken. In other words, the higher score you get, the more secure you should be through actions you have taken in your Microsoft 365 tenant such as enabling MFA or disabling legacy auth. Some people love it and see it as a great assessment tool which provides quantifiable measurements which can be used for continuous improvement and managed services. The more skeptical amongst us have viewed it as a way to work up the SKU's especially in the early days when you couldn't reach high scores without purchasing things like E5 or Azure AD P2 licences. Throughout 2021 (I had to look this up to confirm the dates), Teams was added as a new category in Secure Score and 6 items fell into this category. 1 in January, and 5 recently in July. All are to do with securing meetings. Let's go take a look at these six and how to implement each of them. Let's go get you 100% on Teams items in Secure Score. The completionist in me is looking forward to this one
We have previously explored the implementation of DLP and Supervision policies to the Team. We will now look at applying Sensitivity Labels - currently in Public Preview. By definition, Sensitively Labels allow Teams admins to regulate access to sensitive organizational content created during collaboration within teams. In other words, it can keep Teams private (removing the ability to be set as public) and block Guests from being added. The best thing is that labels can be set at a tenant label and easily applied when creating the Team. It gives administrators so much more control over the Team in terms that users cannot simply join the Team and Owners cannot simply add guests which are not authorised to access it's content. It's another layer of protection which should be added in any Teams roll-out. It's also an answer for blocking guest access on a Team by Team basis: this works well if the creation of Teams are regulated.
Data Loss Prevention (DLP) is a strategy for ensuring that team members do not send sensitive or critical information outside of the corporate network or to other team members. This could include financial information, personally identifiable information (PII) such as credit card numbers or information pertaining to Intellectual Property (IP) such as the design for a new application. It could even be extended to use cases such as barring profanity to be used in communications. Whilst Teams is a powerful application for users to be able to communicate and collaborate with guests and with other users in other Teams tenants, organisations also need to protect themselves against data leakage and the infringement of compliance regulations such as GDPR. Applying a DLP Policy to Teams is an essential step in any Teams deployment