Records Management and Microsoft Teams

Written by Cody Mortimer and Tim Kurucz

In today’s ‘work from anywhere’ environment, or perhaps a new era, it has become challenging for organizations to police how employees communicate, collaborate or share content within the organization. As organizations adapt to this heavily remote environment by implementing modern collaboration and communication platforms, the ability to enforce the correct level of data governance and compliance is critical. 

One of the most popular collaboration and communication platforms is brought to use by Microsoft.  Microsoft Teams, which has surpassed 115 million daily active users in October 2020, enables employees to work from anywhere while staying secure and compliant.  

Let’s explore Microsoft Teams capabilities and several tools to help manage and govern your origination’s data. 

Creating a Team 

For organizations with Teams deployed, by default, anyone can create a Team. This newly created Team can be a Public Team or Private team, with a 10,000-member maximum (excluding GCC and GCCH/DoD environments). Upon creation of a new Team, a new Microsoft 365 group is created as well as multiple new data sources association with the Team: 

  • The Team’s SharePoint site (document library to store Team files) 
  • The Team’s group mailbox (channel chats and shared calendar) 
  • OneNote notebook

Once a team has been created, additional channels can be created within the team. These channels can be set to Public or Private. If a Private channel is created, a new SharePoint site is created as a file repository. The purpose for the new SharePoint site is to ensure the private channel’s files are only accessible to the private channel members. In an effort to improve data governance and reduce complexity, Microsoft Teams admins have the ability to disable the creation of Private Channels. 

Microsoft Team Architecture


Manage and Govern Your Data 

Compliance Tools

Since Microsoft Teams is built within the Microsoft 365 and Office 365 environment, many features are available for you to ensure you are efficiently managing and governing your organization’s data. 

Information Barriers

In a strictly regulated environment, chats and collaboration between different departments may need to be prevented. Information Barriers (IB) are policies designed to prevent people or groups from communicating with each other. These types of policies can be configured to automatically prevent users joining or starting a chat session, sharing or viewing a screen share session, or even joining a meeting. 

Retention Policies

Retention polices have existed for numerous years and can be applied to Microsoft Teams data to retain data for a period of time then deleted. Team retention polices can be set to the entire organization or to specific teams. By default, and assuming no user deletions or retention changes occur, Teams data is stored indefinitely.   

Communication Compliance

Communication Compliance is a tool designed to minimize communication risks by helping detect, capture, monitor, and act on inappropriate or sensitive messages found in chats, attachments, and public and private channels. Once these types of messages have been identified compliance reviewers could review these flagged messages and remove them from Teams if deemed necessary.  

Policy Based Recordings

Some organizations may have a business need or external requirement to record and preserve Team meetings. These policies can be configured to determine when calls and online meetings should be automatically recorded and captured. 

Data Loss Prevention

The primary purpose of Data Loss Prevention (DLP) is to limit or even prevent people from inappropriately sharing sensitive information. A DLP can be designed to monitor, report, block or even encrypt sensitive information found within Teams, including Private channels and chats. 


Your organization may be required to collect and produce conversations or documents in Teams. Microsoft Core eDiscovery and Advanced eDiscovery both support the discovery, review, and export of Microsoft Teams data. Knowing where each type of data resides will be an important step in your eDiscovery project planning. Teams data can be stored in several locations. 

  • Team mailbox – team’s public channel chats 
  • Team SharePoint – team’s public channel content 
  • Private Channel SharePoint – private channel content 
  • Member’s personal mailbox – 1:1 chats, 1:many or group chats,  private channel chats 
  • Member’s personal OneDrive – files share in private chats, found in sender’s OneDrive 

Important Notes:  

  • Each location is mutually exclusive from the other locations, so each data location will need specifically targeted. 
  • You cannot perform an eDiscovery search against a single standard channel, the entire team must be searched. 

Microsoft Teams Data Location

Legal Holds 

When a reasonable expectation of litigation exist, organizations may be required to preserve Teams data. An entire Team or selected users can be placed on a legal hold. Doing that will make sure that all messages that were exchanged in those teams (including private channels) or messages exchanged by those individuals are discoverable. Placing a Team on legal hold does not place the members on legal hold and placing a user on legal hold does not place their Teams on hold. If conversations and shared content within private channels need to be retained, a legal hold must be placed on the private channel member’s mailbox and OneDrive too. 

Archiving a Team 

If you’re at the end of a project, or your organization has many inactive Teams, you may want to deactivate these Teams. There are two options available, archive or delete. When archiving a Team, all activity for that Team stops, thus preserving a point in time view of the inactive Team. Also archived is the private channels and their associated site repositories.  

When deleting a Team, all Team activity in standard and private channels and the associated site repositories are deleted. Deleting a team also removes the Team mailbox and calendar from Exchange. If a deletion occurred by mistake, there is a 30-day window to restore the data.