Blog

3 minutes

Protecting Office 365 Groups And Microsoft Teams With Sensitivity Labels Preview

Protecting Office 365 Groups and Microsoft Teams with Sensitivity Labels (Preview)

I often end up in one of two conversations around Microsoft Teams governance with customers, the “Users can manage them themselves so we don’t need to worry” group, and the “Nobody gets a Team unless we follow this 20 step approval process and our service desk needs to set them up and lock them down” group.

Both options have their merits, but also their pitfalls. If we let everyone create teams we end up with sprawl and have no idea where our data is stored (why are there six “HR Teams”, and which one contains the right data?). On the other hand, if we don’t let our users use Teams without jumping through hoops while saying the alphabet backwards, in Latin, then we are preventing people from using some of the most powerful collaboration features available to them.

We usually end up finding a good middle ground in these discussions that leverages automation and some of the cool Information Protection features of Microsoft 365. My opinion on Teams provisioning process has been the same as it was for SharePoint sites, “I don’t care if we have ten thousand Teams, as long as they are named and protected correctly, the number doesn’t matter”.

This opinion was idealistic in the early days of Microsoft Teams as the governance features just weren’t where I wanted them to be. In the past year, Microsoft have taken strides in the features available and I’m pretty happy (albeit still a few features I’d like) with what’s available. I might even do a follow up post where I can rant about my Teams security and governance opinions down the line.

One feature that has made my life much easier since it was made available (in Preview) is the ability of Sensitivity Labels to be applied to Office 365 Groups / Teams / Sites . This feature allows us to define Sensitivity Labels which, when applied to a Group, can control the privacy level of the Group, the level of functionality available to unmanaged devices, and even the external access configuration.

During some early Teams projects I had automated scripts which changed these group settings in Azure AD, SharePoint sharing settings on the site level at the time of provisioning. That was a nightmare as it had to be maintained and knowledge transferred to the incumbent IT Teams.

When this feature is enabled, we just need to specify the settings in our sensitivity label and it’s all taken care of for us.

To enable this feature for your tenant now, connect to the Azure AD Preview PowerShell Module and run the below to update the Directory Setting and enable MIP Labelling in Office 365 Groups.

##Copy Current Settings to $Settings Variable $Setting = Get-AzureADDirectorySetting -Id (Get-AzureADDirectorySetting | where -Property DisplayName -Value “Group.Unified” -EQ).id ##Change EnableMIPLables setting $Setting[“EnableMIPLabels”] = “True” ##Write back changes to directory Set-AzureADDirectorySetting -Id $Setting.Id -DirectorySetting $Setting

Next, connect to the Security & Compliance PowerShell Module and run the below to start the synchronization process between MIP and AAD.

Execute-AzureAdLabelSync

After a little time to replicate, you will be able to see the above page when configuring a new sensitivity label and then apply them to Teams/Groups/Sites and once the labels are deployed (usually 24 hours after creation) you’ll be able to apply them at provisioning time!

Related Blogs

                            Array
(
    [ID] => 88134
    [id] => 88134
    [title] => image (4) (1)
    [filename] => image-4-1.png
    [filesize] => 421568
    [url] => https://ergotechnologygroup.com/wp-content/uploads/2024/10/image-4-1.png
    [link] => https://ergotechnologygroup.com/us/insights/blog-us/key-takeaways-from-fabcon-europe-2024/attachment/image-4-1-2/
    [alt] => Key Takeaways from FabCon Europe 2024 
    [author] => 18
    [description] => 
    [caption] => 
    [name] => image-4-1-2
    [status] => inherit
    [uploaded_to] => 88613
    [date] => 2024-10-14 16:19:45
    [modified] => 2024-10-23 08:38:54
    [menu_order] => 0
    [mime_type] => image/png
    [type] => image
    [subtype] => png
    [icon] => https://ergotechnologygroup.com/wp-includes/images/media/default.png
    [width] => 748
    [height] => 488
    [sizes] => Array
        (
            [thumbnail] => https://ergotechnologygroup.com/wp-content/uploads/2024/10/image-4-1-150x150.png
            [thumbnail-width] => 150
            [thumbnail-height] => 150
            [medium] => https://ergotechnologygroup.com/wp-content/uploads/2024/10/image-4-1-300x196.png
            [medium-width] => 300
            [medium-height] => 196
            [medium_large] => https://ergotechnologygroup.com/wp-content/uploads/2024/10/image-4-1.png
            [medium_large-width] => 748
            [medium_large-height] => 488
            [large] => https://ergotechnologygroup.com/wp-content/uploads/2024/10/image-4-1.png
            [large-width] => 748
            [large-height] => 488
            [1536x1536] => https://ergotechnologygroup.com/wp-content/uploads/2024/10/image-4-1.png
            [1536x1536-width] => 748
            [1536x1536-height] => 488
            [2048x2048] => https://ergotechnologygroup.com/wp-content/uploads/2024/10/image-4-1.png
            [2048x2048-width] => 748
            [2048x2048-height] => 488
        )

)
1
                            
Key Takeaways from FabCon Europe 2024

Blog

Key Takeaways from FabCon Europe 2024

                            Array
(
    [ID] => 54202
    [id] => 54202
    [title] => Dairygold
    [filename] => Dairygold.png
    [filesize] => 849769
    [url] => https://ergotechnologygroup.com/wp-content/uploads/2024/01/Dairygold.png
    [link] => https://ergotechnologygroup.com/us/events/app-in-a-day/attachment/dairygold-2/
    [alt] => 
    [author] => 18
    [description] => 
    [caption] => 
    [name] => dairygold-2
    [status] => inherit
    [uploaded_to] => 55580
    [date] => 2024-01-19 18:52:10
    [modified] => 2024-01-19 18:52:10
    [menu_order] => 0
    [mime_type] => image/png
    [type] => image
    [subtype] => png
    [icon] => https://ergotechnologygroup.com/wp-includes/images/media/default.png
    [width] => 1500
    [height] => 867
    [sizes] => Array
        (
            [thumbnail] => https://ergotechnologygroup.com/wp-content/uploads/2024/01/Dairygold-150x150.png
            [thumbnail-width] => 150
            [thumbnail-height] => 150
            [medium] => https://ergotechnologygroup.com/wp-content/uploads/2024/01/Dairygold-300x173.png
            [medium-width] => 300
            [medium-height] => 173
            [medium_large] => https://ergotechnologygroup.com/wp-content/uploads/2024/01/Dairygold-768x444.png
            [medium_large-width] => 768
            [medium_large-height] => 444
            [large] => https://ergotechnologygroup.com/wp-content/uploads/2024/01/Dairygold-1024x592.png
            [large-width] => 1024
            [large-height] => 592
            [1536x1536] => https://ergotechnologygroup.com/wp-content/uploads/2024/01/Dairygold.png
            [1536x1536-width] => 1500
            [1536x1536-height] => 867
            [2048x2048] => https://ergotechnologygroup.com/wp-content/uploads/2024/01/Dairygold.png
            [2048x2048-width] => 1500
            [2048x2048-height] => 867
        )

)
1
                            

Blog

3 Ways Your Legacy IT Infrastructure May Undermine Innovation

                            Array
(
    [ID] => 54202
    [id] => 54202
    [title] => Dairygold
    [filename] => Dairygold.png
    [filesize] => 849769
    [url] => https://ergotechnologygroup.com/wp-content/uploads/2024/01/Dairygold.png
    [link] => https://ergotechnologygroup.com/us/events/app-in-a-day/attachment/dairygold-2/
    [alt] => 
    [author] => 18
    [description] => 
    [caption] => 
    [name] => dairygold-2
    [status] => inherit
    [uploaded_to] => 55580
    [date] => 2024-01-19 18:52:10
    [modified] => 2024-01-19 18:52:10
    [menu_order] => 0
    [mime_type] => image/png
    [type] => image
    [subtype] => png
    [icon] => https://ergotechnologygroup.com/wp-includes/images/media/default.png
    [width] => 1500
    [height] => 867
    [sizes] => Array
        (
            [thumbnail] => https://ergotechnologygroup.com/wp-content/uploads/2024/01/Dairygold-150x150.png
            [thumbnail-width] => 150
            [thumbnail-height] => 150
            [medium] => https://ergotechnologygroup.com/wp-content/uploads/2024/01/Dairygold-300x173.png
            [medium-width] => 300
            [medium-height] => 173
            [medium_large] => https://ergotechnologygroup.com/wp-content/uploads/2024/01/Dairygold-768x444.png
            [medium_large-width] => 768
            [medium_large-height] => 444
            [large] => https://ergotechnologygroup.com/wp-content/uploads/2024/01/Dairygold-1024x592.png
            [large-width] => 1024
            [large-height] => 592
            [1536x1536] => https://ergotechnologygroup.com/wp-content/uploads/2024/01/Dairygold.png
            [1536x1536-width] => 1500
            [1536x1536-height] => 867
            [2048x2048] => https://ergotechnologygroup.com/wp-content/uploads/2024/01/Dairygold.png
            [2048x2048-width] => 1500
            [2048x2048-height] => 867
        )

)
1
                            

Blog

Unlocking Environmental Sustainability and Cost Savings with Virtual Desktop Infrastructure

                            Array
(
    [ID] => 47139
    [id] => 47139
    [title] => viktor-kiryanov-994111
    [filename] => viktor-kiryanov-994111.jpg
    [filesize] => 103409
    [url] => https://ergotechnologygroup.com/wp-content/uploads/2023/12/viktor-kiryanov-994111.jpg
    [link] => https://ergotechnologygroup.com/us/insights/news/ergo-joins-global-elite-of-microsoft-partners-with-azure-expert-msp-status/attachment/viktor-kiryanov-994111-2/
    [alt] => 
    [author] => 13
    [description] => 
    [caption] => 
    [name] => viktor-kiryanov-994111-2
    [status] => inherit
    [uploaded_to] => 55472
    [date] => 2023-12-11 16:46:17
    [modified] => 2023-12-11 16:46:17
    [menu_order] => 0
    [mime_type] => image/jpeg
    [type] => image
    [subtype] => jpeg
    [icon] => https://ergotechnologygroup.com/wp-includes/images/media/default.png
    [width] => 1500
    [height] => 859
    [sizes] => Array
        (
            [thumbnail] => https://ergotechnologygroup.com/wp-content/uploads/2023/12/viktor-kiryanov-994111-150x150.jpg
            [thumbnail-width] => 150
            [thumbnail-height] => 150
            [medium] => https://ergotechnologygroup.com/wp-content/uploads/2023/12/viktor-kiryanov-994111-300x172.jpg
            [medium-width] => 300
            [medium-height] => 172
            [medium_large] => https://ergotechnologygroup.com/wp-content/uploads/2023/12/viktor-kiryanov-994111-768x440.jpg
            [medium_large-width] => 768
            [medium_large-height] => 440
            [large] => https://ergotechnologygroup.com/wp-content/uploads/2023/12/viktor-kiryanov-994111-1024x586.jpg
            [large-width] => 1024
            [large-height] => 586
            [1536x1536] => https://ergotechnologygroup.com/wp-content/uploads/2023/12/viktor-kiryanov-994111.jpg
            [1536x1536-width] => 1500
            [1536x1536-height] => 859
            [2048x2048] => https://ergotechnologygroup.com/wp-content/uploads/2023/12/viktor-kiryanov-994111.jpg
            [2048x2048-width] => 1500
            [2048x2048-height] => 859
        )

)
1
                            

Blog

Reset network management and security withSASE

                            Array
(
    [ID] => 54067
    [id] => 54067
    [title] => Frame 2
    [filename] => Frame-2-2.png
    [filesize] => 256373
    [url] => https://ergotechnologygroup.com/wp-content/uploads/2024/01/Frame-2-2.png
    [link] => https://ergotechnologygroup.com/us/insights/blog-us/ergo-and-vmware-help-financial-services-companies-towards-dora-compliance/attachment/frame-2-3/
    [alt] => 
    [author] => 18
    [description] => 
    [caption] => 
    [name] => frame-2-3
    [status] => inherit
    [uploaded_to] => 55425
    [date] => 2024-01-19 12:21:18
    [modified] => 2024-01-19 12:21:18
    [menu_order] => 0
    [mime_type] => image/png
    [type] => image
    [subtype] => png
    [icon] => https://ergotechnologygroup.com/wp-includes/images/media/default.png
    [width] => 1345
    [height] => 664
    [sizes] => Array
        (
            [thumbnail] => https://ergotechnologygroup.com/wp-content/uploads/2024/01/Frame-2-2-150x150.png
            [thumbnail-width] => 150
            [thumbnail-height] => 150
            [medium] => https://ergotechnologygroup.com/wp-content/uploads/2024/01/Frame-2-2-300x148.png
            [medium-width] => 300
            [medium-height] => 148
            [medium_large] => https://ergotechnologygroup.com/wp-content/uploads/2024/01/Frame-2-2-768x379.png
            [medium_large-width] => 768
            [medium_large-height] => 379
            [large] => https://ergotechnologygroup.com/wp-content/uploads/2024/01/Frame-2-2-1024x506.png
            [large-width] => 1024
            [large-height] => 506
            [1536x1536] => https://ergotechnologygroup.com/wp-content/uploads/2024/01/Frame-2-2.png
            [1536x1536-width] => 1345
            [1536x1536-height] => 664
            [2048x2048] => https://ergotechnologygroup.com/wp-content/uploads/2024/01/Frame-2-2.png
            [2048x2048-width] => 1345
            [2048x2048-height] => 664
        )

)
1
                            

Blog

Ergo and VMware help financial services companies towards DORA compliance

                            Array
(
    [ID] => 46598
    [id] => 46598
    [title] => Teams_Conferences_Banner
    [filename] => Teams_Conferences_Banner.png
    [filesize] => 446911
    [url] => https://ergotechnologygroup.com/wp-content/uploads/2023/12/Teams_Conferences_Banner.png
    [link] => https://ergotechnologygroup.com/us/insights/blog-us/making-microsoft-teams-conferences-a-better-experience-for-all/attachment/teams_conferences_banner-2/
    [alt] => 
    [author] => 8
    [description] => 
    [caption] => 
    [name] => teams_conferences_banner-2
    [status] => inherit
    [uploaded_to] => 55426
    [date] => 2023-12-07 22:54:23
    [modified] => 2023-12-07 22:54:23
    [menu_order] => 0
    [mime_type] => image/png
    [type] => image
    [subtype] => png
    [icon] => https://ergotechnologygroup.com/wp-includes/images/media/default.png
    [width] => 1480
    [height] => 492
    [sizes] => Array
        (
            [thumbnail] => https://ergotechnologygroup.com/wp-content/uploads/2023/12/Teams_Conferences_Banner-150x150.png
            [thumbnail-width] => 150
            [thumbnail-height] => 150
            [medium] => https://ergotechnologygroup.com/wp-content/uploads/2023/12/Teams_Conferences_Banner-300x100.png
            [medium-width] => 300
            [medium-height] => 100
            [medium_large] => https://ergotechnologygroup.com/wp-content/uploads/2023/12/Teams_Conferences_Banner-768x255.png
            [medium_large-width] => 768
            [medium_large-height] => 255
            [large] => https://ergotechnologygroup.com/wp-content/uploads/2023/12/Teams_Conferences_Banner-1024x340.png
            [large-width] => 1024
            [large-height] => 340
            [1536x1536] => https://ergotechnologygroup.com/wp-content/uploads/2023/12/Teams_Conferences_Banner.png
            [1536x1536-width] => 1480
            [1536x1536-height] => 492
            [2048x2048] => https://ergotechnologygroup.com/wp-content/uploads/2023/12/Teams_Conferences_Banner.png
            [2048x2048-width] => 1480
            [2048x2048-height] => 492
        )

)
1
                            

Blog

Making Microsoft Teams conferences a better experience for all