February 13, 2024
|
10
min read
Kas Nowicka
Kas has spent the last decade working with Microsoft’s cloud solutions and sharing governance, adoption, and productivity best practices with the MVP community.
Microsoft Teams governance

For IT teams, governing Microsoft Teams is about more than reducing operational risk. Adopting MS Teams governance best practices has the potential to increase visibility, keep employees productive, increase your agility, and simplify management and optimization. However, that’s only possible if you understand the full spectrum of Microsoft Teams governance—from access and sharing to operations and continuity—and avoid the pitfalls of outdated best practices.

Inside this article:

Microsoft Teams governance best practices

Effective management of Microsoft Teams means implementing best practices across every part of MS Teams, from the way people collaborate to how you embed strong data security policies.

To learn what policies you should implement in other key Microsoft areas, download CoreView’s Microsoft 365 Governance Best Practices Guide.

We’ve broken the best practices into Microsoft Teams access and sharing best practices, Microsoft Teams apps best practices, Microsoft Teams content best practices, Microsoft Teams operational efficiency and continuity best practices, and Microsoft Teams data security best practices and challenges.

Microsoft Teams access and sharing best practices

Control access to public MS Teams

An employee can join any public team, but this freedom can lead to governance complexity. As a foundation for good Microsoft Teams access and sharing governance, control the number of public teams that employees can join and implement an automated attestation process where team owners periodically confirm whether their membership is still required. If there's no response or the team is no longer regularly used, consider archiving or removing it for improved organizational efficiency and security.

Control Microsoft Teams guest access

Beyond your employees, be sure to establish clear policies for external members who can access Microsoft Teams. While inviting external users can enhance collaboration with customers, suppliers, government agencies, and other outside entities, a team owners should regularly review whether granted guest-user permissions are still required.

Use sensitivity labels in MS Teams

Best practices for access and sharing in Microsoft Teams should also involve a keen focus on content organization, and sensitivity labels are a crucial feature for this.

Develop a well-planned data classification scheme and apply sensitivity labels accordingly to enforce security protocols based on the sensitivity of the content. Additionally, using of private or shared channels in MS Teams allows controlled access to specific documents, ensuring that only the necessary individuals can access information.

Audit MS Teams content and user access frequently

Regular audits are recommended to maintain a secure and accessible content environment. This will include reviewing who can access a given Team, as well as updating sensitivity labels.

Consider implementing automated auditing tools as well. This ensures you have regular, actionable insights to maintain a secure and accessible content environment.

Assign a policy to ensure team continuity in MS Teams

MVP Vasil Michev shares that organizations should “set whatever policies make sense for your organization and stick to them.”

Organizations should establish policies that require a minimum number of team owners or automate ownership reassignment upon user departure to ensure continuity.

Michev continues here:

“There’s not much Microsoft offers in this space, apart from ensuring at least a single owner is assigned. You either have to come up with your own automation, or use a third-party solution. A common solution is to designate the departing user’s manager as the owner, but your mileage may vary.

“Contrary to Microsoft’s expectations, in most cases you will need to involve your IT support team. If nothing else, they are the only ones that have visibility over Private and Shared channels within a team, whereas even an owner can remain oblivious about heir existence and usage.”

MS Teams governance with the native Microsoft Teams tools’

Outdated Microsoft Teams access and sharing governance best practices

Initially, some organizations avoided using guest access due to concerns about security and control. However, Microsoft has significantly improved the security and governance features related to guest access. Today, it’s a valuable feature for collaborating with external partners—and one you can use with confidence and control

Microsoft Teams apps best practices

Define clear app usage policies for MS Teams

Establish clear guidelines on the use of built-in and third-party apps. This includes creating and regularly reviewing app setup policies, defining who can approve new apps, and outlining the process for integrating third-party apps.

Be sure to review these policies periodically and update them to reflect new app offerings and security updates.

Develop a Microsoft Teams app security policy

Develop a comprehensive security governance policy for app usage. This should include using apps from trusted sources only, conducting regular security audits, and implementing measures to protect data and privacy.

Mandate regular training for MS Teams

Regular training ensures team members are up-to-date on app features and best practices. Implement a governance strategy that requires regular review and updates of app policies and permissions to ensure they remain relevant, secure, and effective.

Use templates for implementing apps in MS Teams

Microsoft 365 tools can be integrated into the Teams experience, but care must be taken to avoid app sprawl. This can be managed by creating templates within Teams, which can include custom apps or integrations with third-party tools like monday.com. These templates streamline the creation of new teams or channels and can help monitor the spread of apps across Teams. However, a thorough audit is advisable to truly understand the spread and usage of apps.

Microsoft expert Roy Martinez shares more ways to avoid app sprawl in Teams in this 2-minute clip:

Regularly audit apps in Microsoft Teams

MVP Vasil Michev shares his thoughts on auditing Teams apps:

"Make a habit of periodically reviewing data exposed in the Teams Apps report or any alternative you have created. If you find yourself often questioning the need for a given app to be installed or understanding what kind of access it has, consider imposing stricter controls on what apps are available and who can install them.”

However, it’s important to note that auditing your Teams apps (especially third-party ones) can be challenging.

While the Teams Admin Center provides some visibility into first-party apps, you’ll need to use audit logs, historical audit tracking, and other solutions to truly understand when and how apps are being used.

Here’s Vasil again:

“While Microsoft does provide a Teams apps report, the underlying data is still not exposed via the Graph API. That makes it harder to report on multi-tenant, MSP/CSP and similar scenarios.

“And, while you can build a somewhat similar report via other Graph API endpoints, when it comes to gauging usage of Microsoft Teams apps, things get a lot more complicated.

“That being said, there are native M365 controls you can use. But, be aware that you’ll have to use UI to configure them.”

Use PowerShell to support auditing

For more detailed auditing, PowerShell allows admins to traverse different objects and access hidden apps, bypassing some of the front-end UI limitations. This ensures a deeper, more accurate understanding of app usage across MS Teams.

Microsoft Teams operational efficiency and continuity best practices

1. Give every team an owner

It’s possible to create teams without an assigned owner, but these are vulnerable to misuse and abuse. Implement a policy that ensures every team has an owner—ideally more than one.

2. Assign multiple owners to individual teams

Single-owner teams pose a significant risk to continuity, especially if an employee leaves the company or moves to a new project or role. Microsoft advises assigning at least two owners per team to increase resilience.

3. Monitor MS Teams groups and remove inactive ones

Monitor and manage inactive MS Teams groups, including sunsetting project-specific groups post-completion. Develop policies for deleting teams after a certain period of inactivity. This could be action-based (for example, based on the number of users visiting a channel, chatting, or updating files) or time-based.

Before archiving or deleting an inactive Team, carefully consider the ramifications—retaining a record might offer valuable insights for future reference. Always consult with any team owners before deleting anything.

4. Support offline flexibility

Offline working is another way to improve operational efficiency in Microsoft Teams. Users can work offline, and their changes are stages and synced with MS Teams when they reconnect to the internet. This ensures seamless continuity, even when people have been working without a connection.

5. Use document versioning

The document versioning feature within Microsoft Teams provides a historical record of document changes, creating an audit trail while allowing reversion to previous states if required.

6. Train users on content best practices

Implement ongoing, role-specific training programs on MS Teams content best practices to ensure users are equipped to work efficiently and securely. Admin teams can also use analytics and reporting to understand usage patterns and spot opportunities for improvement and refinement.

Microsoft Teams content best practices

In a recent discussion with SharePoint migration and Microsoft Teams expert Roy Martinez, he shared the following best practices for managing content.

1. Organize your Microsoft Teams content

The foundation of effective IT governance in Microsoft Teams is logical content organization. This begins with understanding how Microsoft Teams uses SharePoint for its content management system. All content within MS Teams is stored either in SharePoint sites or OneDrive, making it essential for IT professionals to have a strong grasp of these platforms.

2. Future-proof your metadata strategy

Develop a flexible metadata strategy that can adapt to future changes and incorporate lessons learned from existing practices.

As Roy advises, "It's best to set [your metadata], but not necessarily forget. You want to try to get it right the first time because changing things retroactively means crawling tons of data, which might affect downstream processes."

The managed metadata feature in SharePoint can help maintain order and consistency by imposing constraints on how metadata is created and managed. However, many organizations falter when it comes to content management due to the absence of a tagging structure, leading to documents being saved haphazardly.

3. Assign sensitivity labels to your content

All Microsoft Teams content can be assigned with tags, improving organization and searchability. Sensitivity labels are particularly important: tags that assign specific security policies to given content types. These policies may affect who can view and edit content, as well as retention policies. IT professionals must consider the use of these labels, striking the balance between protecting sensitive data and accessibility.

4. Manage permissions effectively

Another critical aspect of IT governance in MS Teams is managing permissions effectively.

Be sure that permission management in MS Teams is synchronized with SharePoint and OneDrive settings for consistent and effective access control.

(As a reminder, every team in Microsoft Teams correlates to a Microsoft 365 group, and each of these groups corresponds to a SharePoint site. This relationship creates a security boundary allows you to define who has access to what.)

To maintain security and accessibility, IT professionals need to refine access to specific documents and folders as needed. This is accomplished in MS Teams through private channels or shared channels, which allow only a subset of users from the main team to access them.

While it's not always necessary to create specific privileges for every file or folder, it becomes essential when collaborating with external users from other organizations who need access to specific data subsets. This refined access management ensures that sensitive information is shared prudently and securely.

Learn how to evaluate your security setup for internal and external users. Watch “Movers, Joiners, and Leavers: Managing personnel changes and external users in Microsoft 365,” on-demand.

5. Regularly audit and review your content

Even with effective management of permissions and sensitivity labels, IT teams need to keep pace with changes over time. With the Microsoft 365 compliance center and other auditing tools, you can conduct regular, comprehensive reviews of content and access permissions, ensuring appropriate access is maintained.

Tiered auditing is particularly effective, with frequent minor audits of your most sensitive content and more occasional deep audits of everything. Microsoft 365’s own tools can provide basic data auditing, reporting, and access management automation. By applying these best practices, IT professionals can ensure that their organization's use of Microsoft Teams remains secure, organized, and efficient.

Watch this 2-minute clip from Roy for more recommendations on auditing your Microsoft Teams content:

Outdated Microsoft Teams content best practices and pitfalls

Microsoft Teams governance has evolved in much the same way as our approach to content—from a hierarchical folder structure to shared storage with a flat structure and tags for searchability. Also, roles in content and information management have become more flexible and less tied to specific platforms like SharePoint, indicating an evolution from the conventional SharePoint administrator role to more versatile roles.

Microsoft Teams data security best practices and challenges

Prioritize sensitivity labels early

Data security in MS Teams relies on the effective management of sensitive data.

Sensitivity labels play a vital role in protecting sensitive information based on its level of confidentiality. Regularly assess data, assign a security level, and label accordingly. With policies automatically assigned to labeled data, you can significantly reduce the risk of manual errors that leave your security compromised.

When establishing these sensitivity labels, it’s important to clearly understand the organization's security requirements and ensure application of sensitivity labels is user-friendly.

Restrict access based on security levels and sensitivity labels

Microsoft Teams allows owners to set up policies that restrict guest-user access based on the sensitivity level assigned—ensuring only those who require such access have it and removing them once they no longer need it. To maintain data security during MS Teams meetings, review all guest users with sensitive data permissions regularly and disable any unnecessary accounts immediately.

Challenges with using sensitivity labels for Teams security

In a recent conversation with MVP Vasil Michev, we discussed the challenges of using sensitivity labels effectively for MS Teams data security.

Unfortunately, Microsoft has played a big part in creating those challenges.

Michev shares, “The ‘free for all’ model Microsoft Teams uses doesn’t play that well in any organization of size, yet Microsoft decided to ignore any feedback on the subject initially. It took them years to provide some controls, and the solution is now tied to ‘premium’ licensing.”

Because of the challenges with sensitivity labels, ISVs are stepping in and providing their own solutions for Groups/Teams governance. In fact, some organizations are even investing in their own solutions to manage Groups and Teams (e.g., using Graph APIs and PowerShell and various other automation tools).

Managing MS Teams sensitivity label sprawl

Here’s Vasil on this topic:

"Using sensitivity labels to control privacy and sharing settings on Microsoft Teams results in a proliferation of labels. This stands in stark contrast to Microsoft’s own recommendations to keep the list of labels to a minimum.

“Currently, there are no less than five ‘top level’ controls enforced by ‘container’ sensitivity labels, so just covering the various permutations can result in dozens of labels getting created. Of course, you might not need all the controls, but you get the idea.

“This, in turn, results in the need to create and maintain multiple label policies—especially if you need multiple container labels to be available within the organization.”

Enforcing sensitivity label policies

Vasil shares that yet another challenge with using sensitivity labels for MS Teams is making sure that users actually stamp a label upon creation.

“Label policies do help here, but they do not prevent owners from changing the label at any point. And since the ‘container’ label is not directly related to the sensitivity of any document stored within the Group/Teams site, you can easily end up with ‘Public’ Teams hosting a bunch of files with PII or confidential information.”

Develop strategies for archival and retrieval

Archiving and retrieving data effectively can help with business continuity, protecting sensitive information, and restricting unnecessary access.

Roy Martinez shares more about using sensitivity labels in Teams in this 2-minute clip:

An organization’s specific needs for data archival and storage within MS Teams will vary. In most cases though, organizations can simply configure a Microsoft 365 retention policy that supports their needs.

However, for organizations needing to retrieve archived Microsoft Teams conversations, Michev recommends purchasing the Advanced eDiscovery SKU.

As for archiving and exporting to external systems, there are multiple ISVs that offer products in this space. Oftentimes, organizations purchase these solutions because they need to meet certain legal or compliance requirements. But, if your organization is especially paranoid about ransomware or rogue admins, you may consider this option as well.

Either way, be sure to integrate these archival and retrieval strategies with the broader data governance framework to support business continuity and compliance.

Outdated Microsoft Teams security best practices

While manual archiving of inactive teams was once common, it's now recommended to transition to automated archiving solutions that streamline this process and ensure compliance with retention policies. Consider using Microsoft’s auto-expiration feature for teams. This feature automatically archives teams after a certain period of inactivity, freeing up your M365 admin’s time.

Private channels were once heavily used for controlling access to information. However, overuse of private channels can lead to siloed information and become a barrier to collaboration. Now, experts recommend using private channels sparingly, instead of relying more on the permissions and security controls available at the Team and file level.

<< Jump to How to view and create Teams private channels >>

Microsoft Teams governance checklist

Download the full Microsoft Teams Governance Checklist.

Microsoft Teams Governance Checklist

1. Create a strategic plan for MS Teams implementation

Crafting a strategic plan for Microsoft Teams implementation sets the groundwork for how the tool will be used, managed, and secured within your organization. This strategic plan will outline the policies, procedures, and remediation actions in place to ensure effective MS Teams usage and security. It also provides a roadmap to mitigate the potential risks associated with data sharing--both internally and externally--and keep confidential files secure.

2. Assign a policy for empty MS Teams groups

With a defined policy for handling empty Microsoft Teams groups, you can optimize your implementation. While empty teams pose low security risks, they’re an unnecessary burden on your resources. Regularly identifying and deciding whether to archive or remove empty teams prevents unnecessary resource allocation, enhancing your overall operational efficiency.

<< Jump to How to find empty Teams groups in the Teams Admin center >>

3. Assign a policy for inactive Teams groups

A policy for inactive MS Teams groups helps you maintain an organized, secure, and efficient environment. Inactive teams could become potential security vulnerabilities or consume unnecessary resources. By defining what constitutes inactivity, regularly monitoring, and determining appropriate actions for inactive teams, you can continually optimize your implementation and maximize your efficiency.

<< Jump to How to generate a list of inactive Teams Groups >>

4. Assign a policy for public MS Teams groups

Public teams can potentially have many members, making them challenging to manage. A clear policy for these teams and an attestation process requiring owners to periodically confirm their membership can improve organizational efficiency and security.

5. Assign a policy for MS Teams groups with guest users

Guest users can enhance collaboration but can also pose security risks given their visibility into files and content meant for internal use only. A policy that requires regular review of guest user permissions is important to ensure that only necessary access is granted and any potential security risks are mitigated.

6. Assign a policy for Microsoft Teams with guest users with certain sensitivity labels

Sensitivity labels help secure information by assigning different levels of protection to your content and teams. A policy that restricts guest user access based on these sensitivity labels ensures that only those who require such access have it. Regular review of guest users with sensitive data permissions and disabling any unnecessary accounts adds an extra layer of security.

7. Assign a policy for teams groups without multiple owners

Teams with single owners can face continuity issues, especially if the owner leaves the company or moves to a new role. Microsoft advises having at least two owners per team to avoid any gaps caused by the change or departure of an owner. A policy for this ensures continuity and smooth functioning of the team.

8. Assign a policy for MS Teams groups without owners

Teams without proper owners are vulnerable to misuse and abuse. A policy addressing this issue ensures that every team has an owner, enhancing the security and proper use of MS Teams. Regular review and rectification of ownerless MS Teams help keep sensitive data protected against potential risks.

<< Jump to How to identify the owners of a Teams group >>

Download the full Microsoft Teams Governance Checklist.

Microsoft Teams Governance Checklist

Microsoft Teams governance plan and template

Embedding a robust set of governance best practices for Microsoft Teams starts with an effective governance plan. There are twelve main phases to consider—read on for a step-by-step guide or download our Microsoft Teams governance plan template.

Microsoft Teams governance plan template

1. Define your purpose and scope

Before you begin, set the direction and extent of your governance plan. A clear purpose and scope helps everyone understand why the plan is necessary and where it applies within the organization.

Example: Purpose and scope
The purpose of this governance plan is to ensure secure and efficient use of Microsoft Teams at XYZ Corp, enhancing collaboration while maintaining compliance with industry standards and regulations.

This plan applies to all departments within XYZ Corp, with a particular focus on the Sales, Marketing, and Customer Support teams that heavily utilize MS Teams for daily operations.

2. Assign roles for your MS Teams governance plan

Assign roles and responsibilities to promote accountability and smooth functioning of your MS Teams environment. Start by establishing your Administrators (users that manage and control the entire environment) and team owners (users that manage specific teams, members, and channels). End by assigning users that only use Microsoft Teams for day-to-day communication as End Users.

Example: Role assignment
IT Department Heads at XYZ Corp are assigned as team owners and are responsible for managing team membership and settings. All other employees are Team Members who use Microsoft Teams for daily communication and collaboration.

3. Develop policies for day-to-day governance of MS Teams

Develop policies and procedures to standardize how Microsoft Teams should be used and managed, promoting consistency and efficiency. Team Creation and Management policies define who can create teams and how they should be managed. Data Access and Sharing policies ensure data is securely and appropriately shared and accessed. And App Usage policies manage the use of any third-party apps within MS Teams.

Recommended policies and guidelines include:

  • Microsoft Teams lifecycle guidelines
  • Microsoft Teams creation and management policies
  • Data access and sharing policies
  • App usage policies
  • Guest access policies
  • Archiving and retention policies
  • User behavior monitoring

4. Set your Microsoft Teams security processes

Establish security and compliance measures to make sure MS Teams usage complies with internal and external security and compliance standards. This should include:

  • Data protection measures to protect sensitive data from unauthorized access or leaks
  • Privacy settings to control who can see what information
  • Regulatory compliance measures to ensure MS Teams usage complies with relevant laws and regulations.
For the full list of measures, download CoreView’s Microsoft Teams governance plan template.

5. Implement a Microsoft Teams training program

Training your employees helps to drive adoption, bringing more activity under MS Teams and, in turn, your governance plan. Schedule initial onboarding and regular training to keep employees up to date with changes to both MS Teams and your policies.

6. Review regularly

Review and update your processes regularly to keep your governance plan relevant and effective. From the outset, establish how often the plan should be reviewed and how you plan to communicate any changes to your plan over time.

Example: Auditing
The governance plan at XYZ Corp is reviewed annually, with updates communicated via email and team meetings.

XYZ Corp conducts bi-annual audits of Microsoft Teams usage and policy compliance.

The IT department at XYZ Corp generates monthly reports on MS Teams usage, which are shared with the Senior Management team.

7. Plan for security incidents

Establish your incident response plan to promote quick recovery in the event of a security incident. An effective incident response plan will outline key responsibilities and actions if data is leaked or stolen, as well as how you plan to handle inappropriate usage of MS Teams.

8. Consider how you’ll store and archive data

Create Archiving and Retention policies to ensure any data is kept for as long as necessary, but not longer than is necessary. This is fundamental best practice for all data, but you should pay special attention to any known sensitive data across your organization.

9. Develop external sharing policies

Control how data is shared outside your organization with external sharing policies. Establish who has the authority to share data externally, what data can be shared, and how data should be shared to ensure security protocols are followed.

10. Create a governance plan change management policy

Set up your change management policy to ensure any changes to the governance plan are managed effectively. Identify who has the authority to alter the plan and the process for proposing and approving changes.

Download the full Microsoft Teams Governance Plan Template here (includes examples).

MS Teams governance with the native Microsoft Teams tools

While native governance tools provide basic functionality, be aware of their limitations and consider third-party solutions for more comprehensive governance capabilities.

Compared to purpose-built tools for governing Microsoft Teams, these techniques rely on manual analysis of the data, which can be time consuming depending on the size of your implementation. However, the native tools are can help identify possible policy violations, like inactive teams or team groups without owners. You can also use PowerShell to access more even Microsoft Teams data.

Below are the most common actions and frequently asked questions for Teams governance.

How to generate a list of inactive Teams groups in the Microsoft 365 Admin Center

Identifying any inactive teams groups is a vital part of Microsoft Teams' governance best practice. Once you know which teams are inactive, you can clean them up to reduce the risk of misuse or wasted resources.

Teams Group Activity screen
Inactive Teams groups report in CoreView

To find inactive MS Teams in the M365 Admin Center:

  1. Go to the Admin Center
  2. Under "Reports", select "Usage".
Usage link
  1. Under “Microsoft Teams activity”, select “View more”.
View more screen
  1. Click on the “Teams usage” tab.
Teams usage tab
  1. The "Last activity date" column shows the date of the last activity performed in the MS Teams group.
Last activity date screen
  1. Check the “Last activity date” column to determine if a teams group is inactive (e.g., if the last activity date was more than six months ago) and take the necessary actions.

How to view and create private Teams channels in the MS Teams Admin Center

Creating private channels is an effective way to control access to channels and ensure only the necessary users can use them.

Teams channel view in CoreView
Teams channel view in CoreView

If you're a Teams admin, follow these steps:

  1. Go to the Teams admin center
  2. Click on “Manage Teams
Manage Teams option
  1. Select a Teams group and then click on the “Channels” tab. You'll find private channels indicated under the “Type” column.
Channels Tab
  1. To add a new private channel, click on “Add” in the top-right corner of the tab.
Add screen
  1. Enter a name for the channel and select the type as “Private”.
  1. Select the owner(s) from existing members of the teams group.
Choose type screen

If you're already a team owner and want to create a private channel, refer to this MSDN article: Create standard and private channels in Teams.

How to create new private channels in Teams using CoreView

  1. Under “Reports > Teams”, select “Teams groups”.
Private Channel Creation using Coreview
  1. Click on the MS Teams group's display name to see its details and channels
  1. Select the “Channels” tab, then click on the “Create Teams group channel” action.
Creating Teams Groups Channel
  1. In the “Type” field, select “Private” from the dropdown menu and click “Submit”.

Using PowerShell to view and create Microsoft Teams channels

(Note: These PowerShell scripts were created by 9-time MVP Vasil Michev, 20-year Microsoft expert Marco Benaglio, and CoreView Cofounder and CTO Ivan Fioravanti.)

You can also use PowerShell to view and create Teams channels, which may be faster and easier to automate than manual handling through the Admin Center.

Before you begin, make sure to install the latest Microsoft Teams PowerShell module. Then, run the following command to connect to the MS Teams module:

Connect-MicrosoftTeams

To create a new private channel in an existing team, use the following command:

New-TeamChannel -GroupId fba2668a-ec8e-40fa-adc8-1bd6e8452231 -DisplayName "Production Team"-

MembershipType Private -Owner "ArunrajM@slbnew.onmicrosoft.com"

Creating a Private channel using a command.
  • GroupId: this is the ID of the team where you're adding the new channel. To find the group ID, use the following PowerShell cmdlet:
    (Get-Team -DisplayName "Arun-SourcePvtTeam").GroupId
  • MembershipType: this is the channel membership type, which can be either “Standard” or “Private”.
  • Owner: Provide the UPN of a user who is already available in the existing team’s membership.

For more information, refer to this MSDN article: New-TeamChannel.

Once this is done, you’ll see the following output in the Teams Admin Center:

Teams Admin Center screen

How to find empty teams groups in the Teams Admin Center

Keeping your environment clean is crucial, and part of that involves cleaning up empty team groups in your Microsoft 365 tenant to save on storage.

  1. Go to the Teams Admin Center
  2. Click on “Manage Teams”. This will show all the Teams groups created for your tenant.
Manage teams screen
  1. Click on the “Export” option to get the details into an Excel file.
  2. In Excel, you can find the Teams where both “Teams owners” and “Teams members” are 0. These can be considered empty groups.
  3. After you've checked the groups, you can delete them from the Teams Admin Center.

How to identify the owners of a Microsoft Teams group in the Teams Admin Center

Knowing who owns any team group is a key part of Teams administration. The Teams Admin Center enables you to view team group owners in a few clicks.

  1. Go to Teams Admin Center
  2. Under “Teams”, select “Manage Teams”.
Manage Teams Menu
  1. Find the team you're interested in from the available list, and then click on its name.
Manage Teams list screen
  1. This will display the Teams group and its members. By sorting the “Role” column, you can easily see who the owners are.
Teams Roles screen

Identify MS Teams group owners with the Azure Portal

You can also identify teams group owners in the Azure portal:

  1. Go to Azure Portal
  2. Select “Azure Active Directory” and then “Groups
  3. Search for the relevant Teams group.
Azure Teams group search screen
  1. Click on the Group name, then select “Owners” from the left menu.
Clicking on Teams group name screen
  1. This will display the list of all the group owners.

Identify MS Teams group owners with PowerShell

(Note: These PowerShell scripts were created by 9-time MVP Vasil Michev, 20-year Microsoft expert Marco Benaglio, and CoreView Cofounder and CTO Ivan Fioravanti.)

With the MS Teams PowerShell module installed, you can find team group owners with PowerShell. For more information on installing the module, refer to the Teams PowerShell install guide.

Once the module is installed, run the following cmdlets:

Connect-MicrosoftTeams

# Use Teams Admin credential to connect to Microsoft Teams

Get-TeamUser

-GroupId <String>

[-Role <String>]

[<CommonParameters>]

Example: Get-TeamUser -GroupId 2f162b0e-36d2-4e15-8ba3-ba229cecdccf -Role Owner

To get the Group ID use cmdlet Get-Team -DisplayName "Teams Display Name"

Here is a snapshot of the PowerShell cmdlet used to find the owner of the “cvnew” Teams Group.

How CoreView automates Microsoft Teams governance

Developing an effective, comprehensive Microsoft Teams governance plan is vital for any organization that uses Teams—but monitoring, managing and enforcing this plan is difficult at scale with the kind of manual tools Teams natively offers.

But to keep things simple, even at scale, consider using a Microsoft 365 management platform like CoreView.

With CoreView, you can be confident that you’re following established best practices for governing Microsoft Teams. With all the data in one place—from ownership to usage, user activity, and more, you’ll know exactly what needs attention and where to look for problems.

  • Set up automated alerts that continuously scan your environment
  • Easily monitor and alert IT admins if something unusual occurs

Plus, with our Governance Playbooks, you can ensure ongoing compliance with both internal and external policies and regulations—and get alerts when those policies are violated. And the best part? All these options are underpinned by extensive options for automation.

It’s the most effective way to get complete clarity on your entire MS Teams environment.

See Microsoft Teams governance made easy with CoreView. Tour the platform in under 3 minutes.

To learn what policies you should implement in other key Microsoft areas, download CoreView’s Microsoft 365 Governance Best Practices Guide.

Get a personalized demo today

Created by M365 experts, for M365 experts.