Privacy and security in Microsoft Teams

Microsoft Teams has seen an unprecedented spike in usage as the COVID-19 pandemic forced businesses to adopt and increase reliance on remote working solutions. The company has reported that Teams usage rose 200% in just 2 weeks to reach 75 million daily active users in April 2020.

Microsoft Teams is part of the Microsoft 365 ecosystem that enables remote collaboration, with features such as seamless video calling, easy chat, file sharing and collaborative working channels.

“Now more than ever, people need to know that their virtual conversations are private and secure. At Microsoft, privacy and security are never an afterthought”.

– Jared Spataro, Corporate VP – Microsoft 365, Microsoft

The organisations dealing with the current challenging climate need to be assured about security and data privacy. Microsoft brands Teams as ‘Safe. Secure. Free.’ helping users collaborate without compromising privacy and security. It’s assuring, but businesses need security measures that suit their individual requirements; healthcare organisations are concerned about patient privacy, consumer businesses are worried about their customer data, and financial institutions need to prevent cyberattacks.

Microsoft claims that the company has built Teams on their Microsoft 365 hyper-scale, enterprise-grade cloud, which offers some pretty heavy-duty security and compliance capabilities. Here’s Spataro’s blog post about the company’s commitment to privacy and security in Microsoft Teams.

Here’s a list of core security features as part of Microsoft Teams:

‘Trustworthy by default and design’

Teams is designed and developed in compliance with Microsoft’s Security Development Lifecycle. Privacy and security are embraced throughout product development and transparency for users is key. Microsoft doesn’t deliver data-driven advertising and deletes all data after a Microsoft 365 subscription ends. Teams also meets more than 90 regulatory and industry standards, giving users peace of mind that their data and personal information isn’t at risk.

Identity and account protection

Teams uses multi-factor authentication which protects your username and password by adding a second form of verification such as a code delivered through a mobile app. This fundamentally protects businesses from cybercriminals targeting employees with weak or stolen passwords. Microsoft Teams enforces this authentication through ‘Azure Active Directory’, the single, trusted, back-end repository for user accounts.

Security and privacy for video conferencing

Users can manage who can see meetings, participate in them and access meeting information. Meeting organisers can stipulate who waits in the ‘lobby’, remove participants during a meeting and designate “presenters” and “attendees”. All meeting participants are notified when a recording starts, and recordings are stored in a controlled repository protected by encryption and permissions. Teams also benefits from AI which monitors chats to help prevent negative behaviours.

Encryption and advanced threat protection

Company data and information is encrypted in transit (being sent to a colleague, for example) and at rest. Teams uses Secure Real-Time Transport Protocol (SRTP) to check the integrity of data which moves from one virtual place on teams to another, enabling safe file and information sharing. Advanced Threat Protection (ATP) checks content to see if it’s malicious or suspicious, and blocks user access if it is.