The days of face-to-face meetings, shared offices and fixed working hours are over for many companies. People affected are in home offices, appointments with customers and partners are often held online, and working hours are becoming increasingly flexible. It is therefore all the more important to create reliable, digital paths for collaboration and the joint exchange of information. Microsoft Teams is the perfect choice for this, as it allows chat, high-quality (video) telephony and data transmission to be combined in the simplest way possible. Especially practical: You can even invite people outside the team and thus communicate quickly and easily with customers and partners from other companies. The other numerous benefits and features of Microsoft Teams are summarized in this blog post.
However, this makes further agreements and policies necessary, especially when it comes to recording meetings and sharing sensitive information. But what about data protection with Microsoft Teams? We took a closer look at Microsoft Teams – and how you can optimize your IT security even further.
The Microsoft Teams Security Standards
The Microsoft company guarantees a high security standard for itself and its Microsoft 365 products. “Security, compliance, privacy and transparency [are] elemental parts of our products and services,” Microsoft states, while also providing more information on how the company handles privacy and data security. Four aspects of data security are particularly relevant, which is why we want to take a closer look at them here:
- Personal data
- Data storage location
- Period
- Encryption
1. Personal data
Every time you log in to a tool, personal data is automatically stored by the provider. This includes the email address and often your name, profile picture and phone number. In addition, people disclose more information in files, chats, (voice) mails and recordings. All of this personal data is stored by Microsoft as well as encrypted during transmission between devices, users and servers using various technologies. You can learn more about encryption in point 4.
Users are able to access their data themselves at any time and without justification. Reports are regularly published via the Microsoft Transparency Hub in which the company explains in detail how it responds to third-party data requests. It is ensured that no data is used for advertising purposes and that there is no direct or indirect access to the data for governments.
2. Data storage location
As mentioned at the beginning, transferred personal data is stored by Microsoft. This is done in dedicated data centers, which are in different locations depending on the content type. For example, chat data is stored in OneDrive for Business, or team files that are shared on a channel are stored in SharePoint. You can get more detailed information about the location of Teams data on the Microsoft site.
In addition to digital spaces, there are, of course, geographic locations where data is stored. These are specific to many places and regions of the world where the respective company is also located. In the specific case of Switzerland, this means that the location of your information and company data is within the country. This is an important aspect, especially with regard to the General Data Protection Regulation, GDPR for short, as it prevents exchange across national borders.
3. Period
After termination or expiration of the subscription, the personal data will be deleted by the provider within 90 and 180 days. Administrators and users can also remove the information independently beforehand, and the associated copies will then be deleted by Microsoft in the next 30 days as well. This also makes it possible to comply with the company’s own guidelines, industry regulations or legal requirements.
4. Encryption
To securely encrypt data and its exchange between devices and users, Microsoft primarily uses two protocols: Transport Layer Security (TLS) and Secure Real-time Transport Protocol (SRTP). Both are standards that are used for the secure transmission of voice traffic between subscribers.
In Microsoft Enterprise Clouds, corporate data is also protected by default with the company’s own BitLocker encryption solution and the Distributed Key Manager (DKM). The former solution primarily encrypts information stored in SharePoint and OneDrive with one or more Advanced Encryption Standard (AES) 256-bit keys. The Distributed Key Manager (DKM), in turn, is responsible for ensuring that only authorized persons have access to the previously obscured information and can both encode and decode it.
In addition, a “two-key solution” or “double key encryption” is also used. As the name suggests, there are two keys – one is held by Microsoft, the second by the user. Only with both keys, you can access the data. This means that Microsoft itself has no access to your personal data and your company is protected should information fall into the wrong hands. “Double Key Encryption” has been available since the beginning of 2021 and is offered for all Microsoft 365 services.
How You Can Use Microsoft Teams Even More Securely
If there are any concerns despite Microsoft’s security precautions, some precautions can be taken to make this Microsoft 365 tool even safer to use.
Other, simple ways to increase safety on your own include:
- Thorough review of your settings in the Microsoft Teams “Admin Center”: this includes setting external and guest access, restrictions for user groups and certain information
- Protect confidential/sensitive data with Azure Information Protection
- Control the use of external apps in Microsoft Teams
- Customization and setting of retention options, such as access, period of storage and deletion.
- Use private channels to share information only with those with a legitimate interest
Conclusion
In a digitally driven world, an organization has to take a lot of things into account: good accessibility, fast online communication, uncomplicated (video) telephony – and all this in coordination with the applicable data protection guidelines. Although Microsoft Teams is a very proven and secure Microsoft product, as with most tools, it is important to take a close look at all settings and adjust them to meet your company’s privacy needs. Microsoft is also constantly adapting its products to changing circumstances and providing users with multiple encryptions to ensure optimal protection of personal data.
Need help setting up Microsoft Teams? With our Managed Collaboration Service Dinotronic supports you in the secure implementation of MS Teams, which allows you to collaborate with employees as well as external persons (customers, suppliers, partners etc.) in an efficient and uncomplicated way.