Markus Mainka - Fotolia
Can Microsoft Teams chat be monitored?
The quick answer is yes -- IT administrators can monitor employees' messages in Microsoft Teams. But organizations need the proper license plans and policies in place.
Business collaboration tools have experienced tremendous growth over the past year. Much of that growth stems from the COVID-19 pandemic that forced employees to work from home instead of the office. Collaboration tools, such as Microsoft Teams, are an effective way to work on projects while co-workers are physically separated.
However, now that Teams has become a major part of work life, IT departments are realizing, in some cases, they may want to monitor collaboration features, such as Teams chat. Monitoring conversations is especially important for organizations that must adhere to regulatory compliance rules.
Fortunately, Microsoft's relatively new communication compliance functionality is baked into Microsoft 365 and provides IT with chat monitoring policies that reinforce risk management. So, can Microsoft Teams chat be monitored? Yes, but let's dig deeper. In this step-by-step guide, IT administrators can learn how to start monitoring Teams chat within their organizations.
1. Verify you have the right Microsoft 365 license
If you want to monitor Teams chat, first understand that not all Microsoft 365 plans offer communication compliance as a feature. IT departments that use basic, standard or premium licenses must upgrade to either the E3 or E5 license plans to receive the ability to monitor and log chats.
2. Enable communication compliance
Before any chat monitoring can be done, an administrator who is assigned as a communication compliance administrator must first enable the use of communication compliance features at a global level. Once this step is complete, authorized admins can access all the configuration features that enable monitoring of some or all users.
Administrators who are tasked with monitoring chat communications can be assigned to one of several roles depending on their duties and their need to access chat logs. Some examples of these roles include the following:
- Communication compliance admin. This role can enable communication compliance, define lower-level compliance administrators and perform the typical read/write/update/delete policy that's necessary to manage chat monitoring.
- Communication compliance analyst. This role can review created policies and view message metadata but not message content.
- Communication compliance investigator. This role can view both message metadata and the messages themselves. The investigator can also mark flagged communications so they are added to a specific e-discovery
3. Determine whom to monitor
Communication compliance administrators can monitor the chats and other Teams and email communications of specific employees -- or all employees with a valid E3 or E5 license assigned to them. Administrators can also place users into specific monitoring groups, which streamlines communications monitoring policy configuration for certain teams or departments that require more granular monitoring rules.
4. Create monitoring policy
Administrators must plan and configure policies to sufficiently monitor each communications compliance group. Microsoft offers policy templates or the ability for administrators to create policy from scratch. A third option is to use a built-in policy wizard that walks administrators through the policy creation process. Regardless of the method used, the purpose of policy creation is to do the following:
- place users into monitoring groups;
- elect who can review the policy and/or messages that are being monitored;
- select what communication channels within Microsoft 365 to monitor;
- designate the conditions and keywords that the communication compliance tool should alert on; and
- choose whether inbound, outbound or internal-only communications should be monitored.
While many more steps and details are required to get communication compliance up and running within an organization, the core steps have been covered here. Once complete, the users and groups created will begin monitoring and alerting on compliance violations as policy dictates.
Dig Deeper on Team collaboration software
Related Q&A from Andrew Froehlich
Understanding UC interoperability challenges
The growth of remote and hybrid work has driven demand for better interoperability among collaboration tools. But supporting interoperability isn't ... Continue Reading
SOAR vs. SIEM: What's the difference?
When it comes to the SOAR vs. SIEM debate, it's important to understand their fundamental differences to get the most benefit from your security data. Continue Reading
NOC vs. data center: What's the difference?
Network operations centers and data centers are two facilities organizations use to store IT devices and manage operations. But they differ ... Continue Reading