Private Microsoft Teams in Office 365 to become NOT so Private

So this showed up in my inbox today… News flash I am one of the organizers of SharePoint Saturday Chicago Suburbs, our next event is May 5th.¬† <— Shameless plug ūüôā

We’re making it easier to share and join private teams in Microsoft Teams
Major update: General Availability rollout started
Applied to: All customers

Starting March 23, 2018, private teams will be searchable in Microsoft Teams. This feature update will make it easier for people to share and join Teams.[How does this affect me?]Until now, it was not possible for users to find and request access to a private team in the Teams app. Users had to either be invited to a team or search for the underlying group in Outlook in the Outlook app.Now, private teams will be discoverable via search and the Suggested teams gallery, making it easier to share and discover private teams across an organization. If a user requests to join a private team, the team owner will receive a notification and can approve or deny the request directly in Teams. [What do I need to do to prepare for this change?]We recommend that you inform team owners about this change. If team names or descriptions include sensitive information, team owners may want to update them before this change occurs on March 23, 2018.If you wish to hide a private team or group, Office 365 admins can use the Set-UnifiedGroup PowerShell cmdlet to hide specific groups or teams (in Outlook, Outlook Web App, and Microsoft Teams). Specifically, use the HiddenFromAddressListsEnabled parameter, which you can apply to individual groups. For further instructions, please click Additional Information below.

I get Microsoft wants to be more collaborative,¬† I think this is an interesting move.¬† People create private groups for a reason, they want them to be private.¬† While I think it is great that they recommend Team owners change the names of their Teams if they contain sensitive information, I think there will be more than one Team owner who doesn’t read the “memo” (ok I’m old) and not be happy about it.¬† At least they give PowerShell commands for hiding them, but that seems to put more work on the Administrators.

I would like to see this rolled out as an opt-in type of feature that organizations could decide to “turn on” or not, rather than be rolled out as “turned on” already.¬† I would recommend Admins start running reports and to see if they have any Teams names with sensitive information, or any questionable names for that matter.

A copy of this blog was posted on my podcast site that I do with Jay Leask:

Hope this helps!




What is the General Data Protection Regulation (GDPR)?

The General Data Protection Regulation (GDPR) imposes new rules on organizations that offer goods and services to people in the European Union (EU), or that collect and analyze data tied to EU residents, no matter where they are located.¬† Most people in the US don’t know or don’t think this affects them, but he key phrase is “no matter where they are located” is what US business should be worried about.¬† It means if you offer a service in Europe or just have a website that people in Europe can access and provide information, this may affect you too.

There are 4 key components of the GDPR:

  1. Enhanced personal privacy rights – Consent must be clear and distinguishable from other matters and provided in an intelligible and easily accessible form, using clear and plain language. It must be as easy to withdraw consent as it is to give it.‚ÄčPart of the expanded rights is the right for data subjects to obtain from the data controller confirmation as to whether or not personal data concerning them is being processed, where and for what purpose.¬† Also Data Erasure entitles the data subject to have the data controller erase his/her personal data, cease further dissemination of the data, and potentially have third parties halt processing of the data.
  2. Increased duty for protecting data –¬†Privacy by design is becoming part of a legal requirement with the GDPR.¬† Privacy by design calls for the inclusion of data protection from the onset of the designing of systems.
  3. Mandatory breach reporting –¬†Breach notification will become mandatory in all member states where a data breach is likely to ‚Äúresult in a risk for the rights and freedoms of individuals‚ÄĚ. This must be done within 72 hours of first having become aware of the breach.
  4. Significant penalties for non-compliance –¬†Organizations can be fined up to 4% of annual global turnover for breaching GDPR or ‚ā¨20 Million.

To get the full details of the GDPR, visit this link:


Intro to Office 365 Security & Compliance

Last Saturday, June 17, 2017, I presented an Intro to Office 365 Security & Compliance center at SharePoint Saturday Atlanta.  Which by the way was a really great event with a number of great speakers, MVPs, sponsors and attendees!  I am thankful that they picked me to present and that I got a chance to experience the event and meet a bunch of really nice people!

Here is the deck I presented:

It is really an overview of the Security & Compliance center with a bunch of live demos I did to show each section and a little bit about how they worked.  The demos are not included, but I am currently recording them and will post them shortly in a series of posts on Security & Compliance.

Hope you enjoy the slides!


Introduction To Data Loss Prevention in SharePoint 2016

Everywhere your data exists, moves or is shared, you need to protect it. With a Data Loss Prevention (DLP) policy in SharePoint Server 2016, you can identify, monitor, and automatically protect sensitive information across your site collections.  Learn the basics of DLP and how you can start better protecting your data.

What is Data Loss Prevention?

  • Data loss prevention (DLP) is a strategy for making sure that end users do not send sensitive or critical information outside the corporate network.
  • DLP Software products help a network administrator control what data end users can transfer so that users cannot accidentally or maliciously share data that could put the organization at risk.

I recently created a presentation for a Lunch & Learn at my company, AvePoint, and decided to share the slides:

The information comes primarily from Microsoft’s documentation with a couple of slides based off of information from Vlad Catrinescu’s presentation at Ignite 2016.

I am working on adding information on the differences between SharePoint 2016 and Office 365 and will update with the new slides when I complete it.

Hope it you find it informative.

Stopping Mass Downloads in Office 365

Recently Microsoft has been focusing a lot of effort on security and compliance when it comes to information management.  In an effort to make a one-stop portal, they have create the Security & Compliance portal for Office 365.


It can be accessed multiple ways.  It can be accessed through the icon from the Waffle menu in the upper left hand corner as pictured above.  It can all so be accessed through the Admin Center:


Or you can go straight to the URL: 

From there you can take care of your security needs such as: set alerts, manage permissions, set you data loss prevention policies and many other things.  You can visit for complete details and I will be following up with for posts and detailing more of its features.  The focus of this post is focusing on one particularly new feature I discovered that is now available, the ability to alert when someone is doing mass downloads and suspend the user.

While a lot of governance and compliance focuses on securing information and limiting access to data, a major problem is when seemingly good or trusted people turn into bad actors and download things that the company wouldn’t want them too, think Snowden and Wikileaks.

To enact this feature, you have to have an Office 365 E5 license because it is an Advanced Security Management feature.¬† If you have this license, then you can go to the Security & Compliance Center –> Manage advanced alerts and click on the Go to Advanced Security Management button:


This will take you to the Policies screen:

Policies.pngClick on Create Policy –> Active policy:

CreatePolicyFrom the Policy template choose Mass download by a single user and fill out the form.  An example is if the person downloads 30 items in 5 minutes:

PolicyTemplate_top.pngYou can have the Policy send an alert email to you administrator and Suspend  user until the admin has time to evaluate the situation and decide if the user has a legitimate business reason for downloading so many files.


After you hit create, you will see you Policy appear on the Policies screen:


This is a great new feature to help stop the loss of data from you organization and just one of many useful security options that Microsoft has released.  It should be exciting to see future features and enhancements in the area of Security & Compliance.