Rediger

Del via


Set up Microsoft Teams in your enterprise

Use the information in this article to guide you through the deployment of Teams in your organization.

Note

If you haven't done so already, we strongly suggest that you begin your Teams deployment with a pilot. A pilot will allow you and a few early adopters to get familiar with Teams and its features before your planning and eventual roll out. For more information about how to start your pilot, check out Get started with Microsoft Teams.

Before you roll out Teams broadly, make sure your organization is ready by reviewing the items in Make sure you're ready.

Plan your deployment

Before you start deploying Teams, make sure you've completed your planning process. Your planning process should include:

  • Understanding Teams architecture
  • Reviewing and understanding Teams workloads and how they work with Microsoft 365
  • Calculated network requirements and ensuring your network and Internet connection have the hardware and capacity required to support critical requirements like real-time communications
  • Understanding regulatory and compliance requirements for information stored in Teams and other Microsoft 365 services
  • Creating an adoption plan to help users understand the benefits of using Teams

We strongly recommend using the Teams advisor to help you with your deployment. For details about how the Teams advisor works, see Use Advisor for Teams to help you roll out Microsoft Teams.

Tip

See how you can use Teams advisor to help you plan your Teams deployment by completing the Roll out using the Teams advisor module on Microsoft Learn.

For information about planning for Teams, see Teams enterprise deployment overview.

Workloads

There are lots of ways you can customize Teams. The following sections show you how to set up each Teams workload: chats, teams and channels; meetings and conferencing; and Phone System. The order in which you set up each workload is up to you. While we recommend setting up the chats, teams, and channels workload first, you can start with meetings and conferencing or even Phone System.

Chat, teams, and channels, are the cornerstone of Teams. Chat lets one or more users talk to each other, share files, and meet privately. Teams, which can be visible to everyone in your organization or only to those in the team, let the right people collaborate whatever the task or occasion, whether it's a long-running project or planning for a birthday party. Channels within teams can segment topics, projects, departments, or anything else make sense for your team. For details about chat, teams, and channels, check out Overview of teams and channels.

Tip

See how you can manage team roles, access, and messaging policies by completing the Manage Microsoft Teams module on Microsoft Learn.

Administration and team ownership

Decision Description
Who should be Teams administrators? Admin roles can be used to grant specific permissions to people who you want to administer Teams. Small businesses may not need these extra roles because the same person may be responsible for all aspects of Teams. You can always add or remove administrators later on.

Use Microsoft Teams administrator roles to manage Teams

Who should be Team owners and members? Team owners control who can access a team and its channels. They can decide whether a team or channel is public (to the organization) or private and can set up policies like whether a channel should be moderated. Members can access the team and its channels (unless a channel is set to private and they're not a member of that channel) and can be designated as moderators.

Assign team owners and members in Microsoft Teams

Default settings and lifecycle policies

Decision Description
What messaging policies should be applied? Messaging policies control which chat and channel messaging features (such as who can use chat, who can edit and delete sent messages, and so on) are available to users in Teams. Teams has a global policy that applies to everyone. All of the features in the global policy are On by default.

If you want the same policy to apply to everyone, all you need to do is make changes to this global policy (for example, turn off meme support in conversations).

If you want different policies for different groups of people (for example, one policy for office workers and another for factory workers), you can create and assign policies. When you assign a policy to a user, the global policy no longer applies to them.

Manage messaging policies in Teams

What Team settings should be applied? Teams settings let you set up your teams for features such as email integration, cloud storage options, organization tab, meeting room device setup, and search scope. When you make changes to these settings, they apply to all the teams in your organization.

Teams settings

External and guest access

Decision Description
Should external access be enabled? External access lets anyone in another organization talk to people in your organization. This is useful when you have a close relationship with another organization, such as a supplier, and want to make it easy for people in either organization to chat with each other, hold meetings, and so on.

External access is different than guest access. External access gives everyone in an organization access to interact with people in your organization. Guest access invites specific individuals access to interact with people in your organization.

External access is turned On by default.

Manage external access in Microsoft Teams

Should guest access be enabled? Guest access lets people in your organization invite people outside your organization access your teams and channels. Guest access is often used to collaborate with people outside your organization who don't have a formal relationship with yours. For example, you might invite a project planner to work on a project temporarily.

Guest access is different than external access. Guest access invites specific individuals access to interact with people in your organization. External access gives everyone in another organization access to interact with people in your organization.

Guest access is turned On by default.

Collaborate with guests in a team

Security

Teams is designed and developed in compliance with the Microsoft Trustworthy Computing Security Development Lifecycle (SDL). To conform to the SDL, Teams incorporates industry standard security technologies as a fundamental part of its architecture, including:

  • Designing threat models that features are then tested against
  • Incorporating security-related improvements into the coding process and practices
  • Creating build-time tools to detect buffer overruns and other potential security threats before code can be checked into the product

Although Teams follows a "Trustworthy by Design" methodology, it's impossible to design against all unknown security threats. For this reason, it's important to understand how Teams works and interacts with other systems. It's also important to understand how common threats, such as IP address spoofing, denial-of-service attacks, man-in-the-middle attacks, and so on, work so that you can design your network and Teams configuration to reduce the chances of these attacks happening.

To understand how Teams incorporates security fundamentals into its design, and to read more about common threats, see Security and Microsoft Teams.

Compliance

Teams and Microsoft 365 provide many tools that can help you conform to regulatory requirements where your company and users are located. See the following articles for information on how to configure each compliance feature in Teams:

Feature Description
Information barriers Prevents individuals or groups from communicating with, or finding in the user picker, each other.
Retention policies Lets you control how long data in Teams should be kept or whether data must be removed after a certain time.
Communication compliance Helps reduce communication risks by identifying, and taking action on, offensive, profane, and harassing language; adult racy, and gory images; and the sharing of sensitive information.
Policy-based recording for calls and meetings Lets you control when, or whether, calls and meetings should be automatically recorded and stored for later processing, retention, or analysis.
Sensitivity labels Helps you to protect and regulate access to sensitive information by creating labels that enforce selected privacy options.
Microsoft Purview Data Loss Prevention Lets you create rules that determine how certain information, such as social security numbers, credit card numbers, and so on, should be handled. You can prevent the sending of certain information, prevent it from leaving your organization, and so on.
eDiscovery Helps you search for, and retrieve, content in your organization when your organization receives discovery demands in legal proceedings.
Legal hold Helps you retain information in your organization, even if it's deleted by a user, when required during legal proceedings so that it can be discovered during eDiscovery investigations.
Content search Provides a way to query Teams information spanning Exchange, SharePoint Online, and OneDrive for Business.
Auditing Lets you see information about a specified action, including who performed the action, when the action was performed, the IP address that was used, and so on. Actions include the creation or deletion of teams, creation of channels, changed settings in Teams, and so on.
Customer key Lets you create a data encryption policy using encryption keys you provide.

Clients

When you're ready for your users to start using Teams, they can install the Teams client on their Windows, Mac, or on their Android or iOS device. Users can download the Teams client directly from https://teams.microsoft.com/downloads.

Make sure everyone who will be using Teams has a Teams license. For more information about assigning a Teams license, see Manage user access to Teams.

Tip

Get recommendations on how to plan your Teams client deployment by completing the Deploy Microsoft Teams clients module on Microsoft Learn.

If your organization uses Microsoft Endpoint Configuration Manager, Group Policy, or a third-party distribution mechanism, to deploy software to your user's computers, see Install Microsoft Teams using Microsoft Endpoint Configuration Manager.

If you want detailed information about deploying Teams clients, see Get clients for Microsoft Teams.

Training

For information on how to train your users and admins to use Teams, see Microsoft Teams training.