Tactic 1: Create Team templates for Teams hosting sensitive information and monitor for configuration/membership drift.

Microsoft Teams allows administrators to create templates for common use cases that can be leveraged for Teams that will host sensitive information. We’ll show you the best practices for leveraging this native feature and the challenges of monitoring configuration drift throughout a Team’s lifecycle (and what you can do about it).

Tactic 2: Review, monitor, and audit permissions for sensitive data and documents

Now that you have your Teams and workspaces secured, you need to be able to review who has access to sensitive information. We’ll show you how to find sensitive content using native tools, the challenges of combing through permission reports, and best practices for mitigating oversharing of sensitive information.

Tactic 3: Ensure adequate data protection and retention

Microsoft 365 retention policies can help protect your sensitive data. We’ll show you the best practices for leveraging this tool while demonstrating the gaps that exist and provide real-world examples of how other agencies have covered them.

Tactic 4: Review guest access and external sharing settings

Guest access and external sharing are complicated! These can be impacted by settings across half a dozen admin centers. Additionally, guest access is now enabled by default in new Microsoft Teams deployments. We’ll show you how to right-size your guest access and external sharing settings across your agency (as well as how to tailor different settings for each bureau and division within your agency) along with best practices for guest governance.