Microsoft Teams Security and Compliance
Microsoft Teams security and compliance is built on the Office 365 hyper-scale, enterprise-grade cloud. This enables us to deliver advanced security and compliance capabilities.
Security
Microsoft Teams enforces team-wide and business-wide two-factor authentication. It also incorporates single sign-on using Active Directory, and all data in transit and at rest is encrypted. As is, any data that is stored in One Drive for Business, SharePoint or OneNote.
Find out moreWho controls my data?
It is important to remember that your Micrsoft 365 data is owned and controlled by you as the end-user and not Microsoft. Microsoft does not use your data for anything other than proving your Microsoft 365 service. No scanning of emails or documents or access to any OneDrive for business or SharePoint is carried out.
Find out more
Advanced Threat Protection (ATP)
- ATP for SharePoint and OneDrive for Business integrates into the Teams content management platform. ATP will allow you to determine if any content within each application is malicious and if so, allow it to be blocked from user access.
- This is all managed within the Microsoft 365 management platform and can be configured to suit your business needs.
Safe Attachments
- User security is further enhanced by the safe attachments feature. This added benefit will check for, and delete, malicious attachments directly from your emails.
- Safe attachments is also available to protect SharePoint Online, OneDrive for Business and Microsoft Teams.
Conditional Access Policies for Teams
- When a Microsoft 365 users signs into their portal, they become subject to conditional access policies. This means your administrator can control user access from Azure Active Directory on certain user devices.
- Conditional access works on Exchange, SharePoint and Teams to control access to meetings, calendars and file shares.
AppLocker
- AppLocker allows administrators to define software restriction policies. This means you can create rules to allow or deny access to apps to specific users or groups of users.

Compliance
Over the last few years, compliance has been a big issue, particularly with the introduction of GDPR. Teams is offering you a range of services to help your business to become data compliant.
Data Loss Protection (DLP)
- Teams, Chat messages and channel conversations
- Exchange, Email in transport, Email body attachments
- SharePoint, Any file can be crawled
- OneDrive for Business, same as SharePoint
- Office desktop apps, in-app policy tips for Word, Excel, PowerPoint and Outlook
eDiscovery
- Electronic discovery (ediscovery) is the way you can identify and collect stored data from Microsoft 365 file shares
- It is now law (GDPR) for a business to remove any data held on an individual if asked to do so.
- This data could be chat, messages or file data and without ediscovery you will never be able to find all relevant data
Legal Hold
- In the event of a legal case, it is quite common for a business to be asked for all data pertaining to the case. This will later be used in court.
- You can now place either a user or team on legal hold and this means no-one can access that data. Even if it is deleted by the user it will still be in the system.
Auditing and Reporting
- Audit logs plug right into Microsoft 365 Compliance Centre to give you the ability to set alerts and report on audit events. These events can then exported for admin use.
Compliance Content Search
- Rich filtering capabilities in teams means that a content search for teams data can be carried out.
- This data can then be exported and used as necessary
If you would like to know more about DLP then please watch the video below.