Can Microsoft Teams chat be monitored?
The quick answer is yes -- IT administrators can monitor employees' messages in Microsoft Teams. But organizations need proper license plans and policies in place.
Business collaboration tools have experienced tremendous growth with the rise of remote and hybrid work. Collaboration tools, such as Microsoft Teams, are an effective way to work on projects while co-workers are physically separated.
However, now that Teams has become a major part of work life, IT departments are realizing, in some cases, they may want to monitor collaboration features, like chat. Monitoring conversations is especially important for organizations that must adhere to regulatory compliance rules.
Microsoft's communication compliance functionality is baked into Microsoft 365 and provides IT with chat monitoring policies that reinforce risk management. So, can Microsoft Teams chat be monitored? Yes, but let's dig deeper. In this step-by-step guide, IT administrators can learn how to Microsoft Teams chat monitoring chat within their organizations.
Can your employer view Teams chat history?
Teams chat activity can be tracked in Microsoft 365 admin dashboards, such as the number of Teams groups and private chat messages initiated by a user and the number of replied messages. Admins can anonymize identifiable information in this activity data, such as names and email addresses.
However, a business can view an employee's Teams chat content through an e-discovery investigation. Teams chat activity available through e-discovery includes the following:
- Chat messages.
- Edited messages.
- Microsoft Loop components.
- Emojis, GIFs and stickers.
- Chat reactions.
- Teams channel names.
Investigators can also use Risk Management tools to review any content that is deemed to be a threat or harassment. This adds another area for the employer to receive any safety indicators on hidden or encoded content within Teams.
How to monitor Teams chats: Step by step
1. Verify you have the right Microsoft 365 license
If you want to monitor Teams chat, first understand that not all Microsoft 365 plans offer communication compliance as a feature, nor does Microsoft offer communications compliance as a standalone subscription. IT departments that use Basic, Standard or Premium licenses must upgrade to the E5 license plan or the E3 license plan with an E5 Compliance add-on to receive the ability to monitor and log chats.
In early 2025, Microsoft introduced a pay-as-you-go subscription for generative AI (GenAI) to enable customers without E3 and E5 subscriptions to access AI content and communication monitoring.
2. Enable communication compliance
Before any chat monitoring can be done, an administrator who is assigned as a communication compliance administrator must first enable the use of communication compliance features at a global level. Once this step is complete, authorized admins can access all the configuration features that enable monitoring of some or all users.
Administrators who are tasked with monitoring chat communications can be assigned to one of several roles depending on their duties and their need to access chat logs. Some examples of these roles are the following:
- Communication compliance admin. This role can enable communication compliance, define lower-level compliance administrators and perform the typical read/write/update/delete policy that's necessary to manage chat monitoring.
- Communication compliance analyst. This role can review created policies and view message metadata, but not message content.
- Communication compliance investigator. This role can view both message metadata and the messages themselves. The investigator can also mark flagged communications, so they are added to specific e-discovery.
3. Consider Insider Risk Management
The new Microsoft Purview Insider Risk Management tool can help correlate the different signals within Office 365 services to identify any potential malicious or inadvertent insider risks that may be listed within Teams chats.
To use the service, organizations must subscribe to the pay-as-you-go billing and provision licenses. Then admins must establish the policies required to detect potentially risky activities or chats with the following steps:
- Turn on auditing. The organization must have auditing turned on for all its activities to be recorded in the audit log.
- Get permissions to use Insider Risk Management. Administrators must be assigned the Insider Risk Management Admin role in the Office 365 admin console.
- Choose policy indicators. Select policy indicators for the desired Microsoft services to activate the proper activity monitoring.
- Create the required policy. Create a policy that provides alerts for potentially risky activities in Teams chat.
4. Determine whom to monitor
Communication compliance administrators can monitor the chats and other Teams and email communications of specific employees -- or all employees with the appropriate license assigned to them. Administrators can also place users into specific monitoring groups, which streamline communications monitoring policy configuration for certain teams or departments that require more granular monitoring rules.
While the focus is on using monitoring tools for chats, Teams also provides an integration with Copilot. Microsoft is expanding its monitoring capability to include GenAI tools that would potentially be used from within Teams as well.
4. Create a monitoring policy
Administrators must plan and configure policies to sufficiently monitor each communications compliance group. Microsoft offers policy templates or the ability for administrators to create a policy from scratch. A third option is to use a built-in policy wizard that walks administrators through the policy creation process. Regardless of the method used, the purpose of policy creation is to do the following:
- Place users into monitoring groups.
- Elect who can review the policy and/or messages that are being monitored.
- Select what communication channels to monitor within Microsoft 365.
- Designate the conditions and keywords that the communication compliance tool should alert on.
- Choose whether inbound, outbound or internal-only communications should be monitored.
While many more steps and details are required to get communication compliance up and running within an organization, the core steps have been covered here. Once complete, the users and groups created begin monitoring and alerting on compliance violations as policy dictates.
Types of Teams monitoring tools
Admins can monitor Teams chat with both native and third-party services, such as the following:
- Teams Admin Center. Admins can configure retention policies for private chats, channels, teams and specific users. Admins can also configure message policy settings, such as the ability to report inappropriate content or security concerns.
- Microsoft Purview. Identifies inappropriate content in Teams channels, one-on-one chats and group chats, such as sensitive information, obscene language or adult images. Admins can also act on and block inappropriate messages. The service can also configure communication compliance policies with GenAI interactions.
- Theta Lake. Integrates with Teams to provide capture, archive and compliance of one-on-one, group and private chats, including messages, images, files and voice messages.
- Mimecast Aware. Integrates with Teams and uses AI and machine learning to analyze Teams messages in real time for policy violations, data loss, compliance and sentiment analysis.
Reda Chouffani runs a consulting practice he co-founded, Biz Technology Solutions Inc., and is CTO at New Charter Technologies. He is a technology consultant with a focus on healthcare and manufacturing, cloud expert and business intelligence architect who helps enterprises make the best use of technology.
Andrew Froehlich is founder of InfraMomentum, an enterprise IT research and analyst firm, and president of West Gate Networks, an IT consulting company. He has been involved in enterprise IT for more than 20 years.
