Security and compliance is an important topic in the Microsoft Teams environment. Microsoft has therefore extended the functionality of the sensitivity labels in the last few months in order to be able to apply them at container level as well.
Challenges in setting sensitivity and retention labels
- The introduction of sensitivity labels is very complex and therefore requires an advanced concept. Once the labels are activated and applied on document level or container level, it is very difficult to remove this protection.
- A high effort should be expected if the labels for the individual MS Teams and SharePoint rooms want to be set manually.
- There is currently no user-friendly automation option provided.
- Often end users are not able to decide which Teams room should be assigned which label.
Explanation of security levels in Teams Center
In Teams Center, you can configure security levels to suit your needs, allowing you to manage Sensitivity Labels, Retention Labels, and external user access with minimal effort.
With Teams Center and the security levels, you can manage and control the following areas:
Visibility: Decide whether your Teams rooms should be public and therefore visible to all users or set the visibility to private to show the Teams rooms only to the specific members.
External Sharing: Microsoft’s External Sharing allows users in your organization to share content with people outside the organization (e.g. partners, suppliers, clients or customers). With the help of Teams Center, you can decide for which Team rooms external users are allowed access and for how long this access will take place. You also have the option to extend the period or remove External Users at any time, otherwise they will be automatically removed after the specified time has elapsed.
Approval: Allow your teams to create rooms only after they have been approved by authorized people, depending on your requirements, this approval process can be single-step or multi-step. The approval feature can also be enabled or disabled depending on the template.
Sensitivity Labels: Sensitivity Labels allow you to classify, protect, and secure your organization’s data at the same time. Sensitivity Labels protection settings include encryption and content markers that can be applied to documents and emails. Sensitivity labels can be linked to security levels from Teams Center and deployed automatically. This eliminates the need for end users to decide which classification label to use. When you assign a Sensitivity Label to a piece of content, it’s like a stamp being applied and offers the following benefits:
Customizable: Specific to your organization and business needs, you can create categories for different levels of sensitive content in your organization. For examp**le, Personal, Public, General, Confidential, and Highly Confidential.
Clear text: Because a label is stored in clear text in the metadata for files and emails, third-party apps and services can read it and then apply their own protective actions, if required.
Persistent: Because the label is stored in metadata for files and emails, the label roams with the content, no matter where it’s saved or stored. The unique label identification becomes the basis for applying and enforcing the policies that you configure.
Retention Labels: Microsoft’s retention labels help you comply with industry regulations and internal policies. Managing content often requires two actions, retaining content so that it is not permanently deleted before the end of the retention period and permanently deleting content at the end of the retention period. These two retention actions allow you to configure retention settings for the following outcomes: Retain content forever or for a specified period, delete content after a specified period, or Retain content for a specified period and then delete it. Retention labels can be linked to security levels from Teams Center and deployed automatically. This takes the decision out of the hands of end users as to which classification label to use.
Classification: Predefined classification labels can be linked to the security levels and provided automatically. This eliminates the need for end users to decide which classification labels to use.
Mapping of the Sensitivity Labels and Retention Labels to the Security Levels
- You can define the Sensitivity Labels and Retention Labels in the Office 365 Admin Portal. Then the security levels of the Teams Center solution can be created and linked to the labels. After this configuration, end users can then select one security level per Teams room on the Teams Center interface. Teams Center then deploys the security level with the Sensitivity and Retention labels. The whole process simplifies the use of O365 features and end users don’t have to know every detail and thus don’t have to make big decisions. All the security and compliance precautions are taken up front by the enterprise IT department and made available to end users. (IT defines the framework and end users consume it).
Teams Center Compliance Module
- The Teams Center Compliance Module enables automated deployment of Sensitivity Labels and Retention Labels. The labels from the Microsoft 365 Security and Compliance Center are used and linked to the Teams Center templates. The labels are then automatically applied to the newly created rooms.
Framework is predefined by IT
- The IT department defines the framework, which Sensitivity Labels and Retention Labels are available on which templates. The end users then consume the released and preconfigured functionalities.
Do you need to automatically set sensitivity and retention labels, manage external access to your Teams rooms and automatically create your Teams rooms using an approval process? Then Teams Center can perfectly support you in your project. For more information, please contact us using the contact form.