1.
rencore.com
Nicki Borell
Session 4
Quickstart for
Microsoft Teams
compliance

2.
rencore.com
• What happens in my environment
• Is data leaking and how can it be prevented?
• Retention
Agenda

3.
rencore.com
[What happens in my
environment]
• Audit Search & Content Search
• Communication Compliance
• Insider Risk Management

4.
Audit Search

5.
Audit Search

6.
Audit retention policy
Create a policy to retain audit logs
for up to one year based on the
Microsoft 365 service where the
activities occur, specific activities in
the selected services, and the user
who performs an activity.

7.
rencore.com
DEMO
Audit Search focusing Teams

8.
Adhoc Search -> Content Search
Search for content in emails, documents, Skype for Business conversations,
and more. You can then preview and export search results:

9.
Core eDiscovery
After you create an eDiscovery case and
determine who has access to it, you can
use the case to search for email,
documents, Skype for Business
conversations, Teams data, and other
content across your organization. You can
then save the content and export the
search results for further analysis.

10.
Core eDiscovery

11.
Advanced eDiscovery
Advanced eDiscovery provides an end-to-end workflow to secure,
collect, review, analyze and export content relevant to internal and
external investigations within the organization.

12.
Communication Compliance
• Intelligent customizable templates
• Remediation workflows
• Useful insights
• Get started with communication compliance
• Communication compliance in Microsoft 365

13.
rencore.com
DEMO
Creating a Communication Compliance policy

14.
Insider risk management
Insider Risk Management is a compliance solution in Microsoft 365 that
helps mitigate internal risks by enabling you to identify, investigate, and
respond to malicious and unintentional activities in your organization.
Insider risk policies let you define the types of risks to identify and
detect in your organization.

15.
rencore.com
DEMO
Policy indicators focusing Teams

16.
rencore.com
[Is data leaking and how can
it be prevented?]
• DLP
• Information Barriers
• Zero Trust (TIC3.0) Workbook &
Microsoft Teams

17.
Data Loss Prevention - DLP
Use data loss prevention (DLP)
policies to identify and protect
your organization's sensitive data.
For example, you can set up
policies to ensure that information
in emails and documents is not
shared with the wrong people.

18.
Governance in Microsoft Teams
Chat
service
Microsoft
Teams
O365 Information Protection
tools
▪ eDiscovery
▪ Legal Hold
▪ Compliance content search
▪ Archive
▪ Retention
▪ Audit Logs
▪ Email
▪ 1:1 chats
▪ Group chats
▪ Channel messages
▪ SharePoint Files
▪ OneNote
▪ OneDrive for Business
O365
substrate

19.
Microsoft Teams DLP
• Protect sensitive information in
messages
• Protecting sensitive information
in documents
• DLP policy must address SharePoint
and OneDrive.

20.
Microsoft Teams DLP

21.
Data loss prevention alert dashboard

22.
DLP Activity Explorer
Review activity related to content that contains sensitive info or has
labels applied, such as what labels were changed, files were modified,
and more. Label activity is monitored across Exchange, SharePoint,
OneDrive, and endpoint devices.

23.
rencore.com
DEMO
Demo DLP Policy focusing Teams chat and channel messages

24.
Information Barriers
• When information barrier policies are in place, people who are not supposed to
communicate or share files with other specific users cannot find, select, chat, or
call those users.
• Initially, information barriers apply only to Microsoft Teams chats and channels. In
Microsoft Teams, information barrier policies determine and prevent the
following types of unauthorized communications:
• Searching for a user
• Adding a member to a team
• Starting a chat session with someone
• Starting a group chat
• Inviting someone to join a meeting
• Sharing a screen
• Placing a call
• Sharing a file with another user
• Access to file through sharing link

25.
Information Barriers
• Currently, information barrier policies are defined and managed using
PowerShell: https://docs.microsoft.com/en-us/microsoft-
365/compliance/information-barriers-policies
• Part 1: Segment users:
• New-OrganizationSegment -Name "HR" -UserGroupFilter "Department -eq 'HR’”
• Part 2: Define information barrier policies
• New-InformationBarrierPolicy -Name "Sales-Research" -AssignedSegment "Sales" -
SegmentsBlocked "Research" -State active

26.
Information Barriers - Examples

27.
Zero Trust (TIC3.0) Workbook & Microsoft
Teams

28.
rencore.com
DEMO

29.
rencore.com
[Is data leaking and how can
it be prevented?]
• Retention

30.
Information governance -> Retention Policies
Emails, documents, Skype and Team conversations. Users generate a
lot of content every day. Take control of it by setting up retention
policies to keep what's needed and get rid of what's no longer needed.

31.
rencore.com
DEMO
Information governance -> Retention Policies

32.
Q & A

33.
rencore.com
• https://docs.microsoft.com/en-
us/microsoftteams/security-compliance-overview
Security and compliance in Microsoft Teams

34.
Thank you!