แก้ไข

แชร์ผ่าน


What is collaboration governance?

Collaboration governance is how you manage users' access to resources, compliance with your business standards, and ensure the security of your data.

Organizations today are using a diverse tool set. There's the team of developers using team chat, the executives sending email, and the entire organization connecting over enterprise social. Multiple collaboration tools are in use because every group is unique and has their own functional needs and work style. Some will use only email while others will live primarily in chat.

If users feel the IT-provided tools do not fit their needs, they will likely download their favorite consumer app which supports their scenarios. Although this process allows users to get started quickly, it leads to a frustrating user experience across the organization with multiple logins, difficulty sharing, and no single place to view content. This concept is referred to as "Shadow IT" and poses a significant risk to organizations. It reduces the ability to uniformly manage user access, ensure security, and service compliance needs.

Services such as Microsoft 365 groups, Teams, and Viva Engage empower users and reduces the risk of shadow IT by providing the tools needed to collaborate. Microsoft 365 has a rich set of tools to implement any governance capabilities your organization might require.

Chart showing collaboration governance options in Microsoft 365.

This series of articles will help you understand how groups, teams, and SharePoint settings interact, what governance capabilities are available, and how to create and implement a governance framework for the collaboration features in Microsoft 365.

Setting up secure collaboration with Microsoft 365

There are many options for deploying Microsoft 365 Groups and Teams for secure collaboration in your organization. We recommend you use this governance content alongside Set up secure file sharing and collaboration with Microsoft Teams and its associated articles to create the best collaboration solution for your organization.

Data residency governance

If your organization is multi-national and you have data residency requirements for different geographies, include Microsoft 365 Multi-Geo as part of your collaboration governance plan.

Why Microsoft 365 groups are important in collaboration governance

Microsoft 365 groups let you choose a set of people with whom you wish to collaborate, and easily set up a collection of resources for those people to share. Adding members to the group automatically grants the needed permissions to all assets provided by the group. Both Teams and Viva Engage use Microsoft 365 groups to manage their membership.

Microsoft 365 groups include a suite of linked resources that users can use for communication and collaboration. Groups always include a SharePoint site, Planner, and a mailbox and calendar. Depending on how you create the group, you can optionally add other services such as Teams, Viva Engage, and Project.

Diagram showing Microsoft 365 Groups and related services.

Resource Description
Calendar For scheduling events related to the group
Inbox For email conversations between group members. This inbox has an email address and can be set to accept messages from people outside the group and even outside your organization, much like a traditional distribution list.
OneNote notebook For gathering ideas, research, and information
Planner For assigning and managing project tasks among your group members
Project and Roadmap Web-based project management tools
SharePoint team site A central repository for information, links and content relating to your group
Teams A chat-based workspace in Microsoft 365
Viva Engage A common place to have conversations and share information

Microsoft 365 Groups includes a variety of governance controls, including an expiration policy, naming conventions, and a blocked words policy, to help you manage groups in your organization. Because groups control membership and access to this suite of resources, managing groups is a key part of governing collaboration in Microsoft 365.

Define collaboration governance best practices for your organization

There are multiple places to collaborate and have conversations within Microsoft 365. Understanding where users can start conversations can help you define a strategy for communication.

There are three main communication methods supported by Microsoft 365:

  • Outlook: collaboration through email, including with a shared group inbox and calendar
  • Microsoft Teams: a persistent-chat-based workspace where you can have informal, real-time, conversations around a variety of topics, organized by specific sub-groups
  • Viva Engage: enterprise social experience for collaboration

Teams: chat-based workspace (high velocity collaboration)

  • Built for collaboration with the people your users work with every day
  • Puts information at the fingertips of users in a single experience
  • Add tabs, connectors and bots
  • Live chat, audio/video conferencing, recorded meetings

Viva Engage: connect across the org (enterprise social)

  • Communities of practice - Cross-functional groups of people who share a common interest or expertise but are not necessarily working together on a day-to-day basis
  • Leadership connection, learning communities, role-based communities

Mailbox and calendar (email-based collaboration)

  • Used for targeted communication with individuals or a group of people
  • Shared calendar for meetings with other group members

As you determine how you want to use collaboration features in Microsoft 365, consider these methods of communication and which your users are likely to use in different scenarios.

Note

When a new Microsoft 365 group is created via Viva Engage or Teams, the group isn't visible in Outlook or the address book because the primary communication between those users happens in their respective clients. Viva Engage groups cannot be connected to Teams.

Collaboration governance best practices checklist

As you start your governance planning process, keep these best practices in mind:

  • Talk to your users - identify your biggest users of collaboration features and meet with them to understand their core business requirements and use case scenarios.

  • Balance risks and benefits - review your business, regulatory, legal, and compliance needs and plan a solution that optimizes for all outcomes.

  • Adapt to different organizations and different types of content and scenarios - consider the different needs for different groups or departments and different types of content such as intranet content versus a user's OneDrive content.

  • Align to business priorities - business goals will help you define how much time and energy you need to invest in governance.

  • Embed governance decisions directly in the solutions you create - many governance decisions can be implemented by turning on or off features in Microsoft 365.

  • Use a phased approach - Roll collaboration features out to a small group of users first. Get feedback from them, watch for help desk tickets, and update any needed settings or processes before proceeding to a larger group.

  • Reinforce with training - adapt solutions such as Microsoft 365 learning pathways to ensure that your organization-specific expectations are reinforced with Microsoft-provided training.

  • Have a strategy for communicating governance policies and guidelines in your organization - create a Microsoft 365 Adoption Center in a SharePoint communication site to communicate policies and procedures.

  • Define roles and responsibilities - identify your governance core team and work through key governance decisions about provisioning and naming and external access first, and then work through the remaining decisions.

  • Revisit your decisions as business and technology changes - meet periodically to review new capabilities and new business expectations.

For a closer look at these practices, read Create your collaboration governance plan.

End user impact and change management

Because groups and teams can be created in several ways, we recommend training your users to use the method that fits your organization the best:

  • If your organization has deployed Teams, instruct your users to create a team when they need a collaboration space.
  • If your organization does most of its communication using email, instruct your users to create groups in Outlook.
  • If your organization heavily uses SharePoint or is migrating from SharePoint on-premises, instruct your users to create SharePoint team sites for collaboration.

This helps avoid confusion if users are unfamiliar with how groups relate to their related services. For more information about how to talk to your users about groups, see Explaining Microsoft 365 Groups to your users.

Key collaboration governance capabilities and licensing requirements

Governance capabilities for collaboration in Microsoft 365 include features in Microsoft 365, Teams, SharePoint, and Microsoft Entra ID.

Capability or feature Description Licensing
Team and site sharing Control if teams, groups, and sites can be shared with people outside your organization. Microsoft 365 E5 or E3
Domain allow/block Restrict sharing with people outside your organization to people from specific domains. Microsoft 365 E5 or E3
Self-service site creation Allow or prevent users from creating their own SharePoint sites. Microsoft 365 E5 or E3
Restricted site and file sharing Restrict site, file, and folder sharing to members of a specific security group. Microsoft 365 E5 or E3
Restricted group creation Restrict team and group creation to members of a specific security group. Microsoft 365 E5 or E3 with Microsoft Entra ID P1 or P2 or Microsoft Entra Basic EDU licenses
Group naming policy Enforce prefixes or suffixes on group and team names. Microsoft 365 E5 or E3 with Microsoft Entra ID P1 or P2 or Microsoft Entra Basic EDU licenses
Group expiration policy Set inactive groups and teams to expire and be deleted after a specified period of time. Microsoft 365 E5 or E3 with Microsoft Entra ID P1 or P2 licenses
Per-group guest access Allow or prevent team and group sharing with people outside your organization on a per-group basis. Microsoft 365 E5 or E3

Additionally, these add-on licenses provide enhanced governance capabilities:

Collaboration governance planning recommendations

Follow these basic steps to create your governance plan:

  1. Consider key business goals and processes - create your governance plan to meet the needs of your business.
  2. Understand settings in services - settings in groups and SharePoint interact with each other, as do settings in groups, SharePoint and Teams and other services. Be sure to understand these interactions as you plan your governance strategy.
  3. Plan to manage user access - plan the level of access you want to grant users in groups, SharePoint, and Teams.
  4. Plan to manage compliance settings - review the available compliance options for Microsoft 365 groups, Teams, and SharePoint collaboration.
  5. Plan to manage communications - review the available communications governance options for collaboration scenarios.
  6. Plan for organization and lifecycle governance - choose the policies you want to use for group and team creation, naming, expiration, and archiving. Also, understand the end of lifecycle options for groups, teams, and Viva Engage

Illustration of recommended governance steps.

Training for administrators

These training modules from Microsoft Learn can help you learn the governance features in Microsoft 365.

Illustrations

These illustrations will help you understand how groups and teams interact with other services in Microsoft 365 and what governance and compliance features are available to help you manage these services in your organization.

Groups in Microsoft 365 for IT Architects

What IT architects need to know about groups in Microsoft 365

Item Description
Thumb image for groups infographic.
PDF | Visio
Updated May 2022
These illustrations detail the different types of groups, how these are created and managed, and a few governance recommendations.

The logical architecture of productivity services in Microsoft 365, leading with Microsoft Teams.

Item Description
Thumb image for Teams logical architecture poster.
PDF
Updated April 2019
Microsoft provides a suite of productivity services that work together to provide collaboration experiences with data governance, security, and compliance capabilities.

This series of illustrations provides a view into the logical architecture of productivity services for enterprise architects, leading with Microsoft Teams.

Microsoft 365 information protection and compliance capabilities

Microsoft 365 includes a broad set of information protection and compliance capabilities. Together with Microsoft’s productivity tools, these capabilities are designed to help organizations collaborate in real time while adhering to stringent regulatory compliance frameworks.

This set of illustrations uses one of the most regulated industries, financial services, to demonstrate how these capabilities can be applied to address common regulatory requirements. Feel free to adapt these illustrations for your own use.

Item Description
Model poster: Microsoft Purview information protection and compliance capabilities.
English: Download as a PDF | Download as a Visio
Japanese: Download as a PDF | Download as a Visio
Updated November 2020
Includes:
  • Microsoft Purview Information Protection and Microsoft Purview Data Loss Prevention
  • Retention policies and retention labels
  • Information barriers
  • Communication compliance
  • Insider risk
  • Third-party data ingestion

Microsoft 365 security documentation

Microsoft Purview documentation

Governance & Security Practices for Microsoft 365 - Microsoft Ignite