The Complete Microsoft Teams Field Guide for Legal & Compliance Teams
How to Effectively Manage the eDiscovery and Compliance Requirements of MS Teams
1. The Benefits of Microsoft Teams
2. The Legal and Compliance Challenges of Microsoft Teams
3. Microsoft Teams and the Legal Department
4. Microsoft Teams and the Compliance Department
5. Mitigating the Legal and Compliance Risks of Teams
6. Dealing with Microsoft Teams Data for Compliance and eDiscovery
Microsoft Teams may not have been the first of the modern enterprise collaboration platforms to hit the market—Slack is generally regarded as the first mover here—but Teams has nevertheless quickly become the most popular.
Thanks to its bundling with Microsoft Office (and a free pricing tier), Teams has enjoyed incredible growth. In November 2019, the app had 20 million users. By March 2020, just as the biggest effects of the COVID-19 pandemic started to be felt, it had 44 million users, but thanks to lockdowns and remote work, this number quickly shot up to 75 million by April 2020. And while the worst of the pandemic might be over, this growth trajectory has continued. In 2021, Microsoft reported that Teams had 145 million users—and in 2022, it announced an increase to 270 million users.
Over the last decade, tools like MS Teams, Slack, and others have greatly reduced the internal use of email within many companies—and in some instances, have done away with it almost entirely. But they have done even more than that—they changed the very nature of communications within companies.
Microsoft Teams is more than a simple instant messaging tool. True, it lets employees quickly and easily chat with one another, but it also allows them to share files, effectively collaborate in group channels, launch audio and video calls, receive automated real-time notifications of important events, easily conduct polls across an organization, share GIFs and videos, and much more.
Teams data is multifaceted; it consists of shared files, images, GIFs, videos, emojis, etc.
The social media-like nature and varied capabilities of Teams have resulted in a much richer communication platform than traditional email or instant messaging services. With Teams, it’s quicker, easier, and more fun to collaborate.
And unlike more standalone options such as Slack and Workplace from Meta, Teams enjoys complete integration with Microsoft’s suite of products. For instance, you can send an email to a Teams channel by using that channel’s email address. Or, you can quickly create a Teams meeting through Outlook.
But, as great as Teams can be for improving productivity and collaboration, there are also challenges. The ease with which MS Teams allows employees to communicate and share information has introduced significant legal and compliance challenges. We’ll look at these in detail below, and we’ll also look at effective solutions that mitigate these risks. First, however, we’ll look at all the benefits of Teams that have made it so ubiquitous in the modern workplace.
SECTION 1
The Benefits of Microsoft Teams
Moreover, the COVID-19 pandemic has created an environment in which a tool like MS Teams is absolutely essential. With countless employees working from home, team collaboration tools have become central repositories that remote teams depend on to communicate and collaborate in real-time.
The ROI of Improved Collaboration
Team collaboration tools can have a very real impact on a company’s bottom line. In a study on the economic impact of Microsoft Teams, research and advisory firm Forrester found that the implementation of Microsoft’s collaboration platform can offer a tremendous return on investment.
“Overall, customers were pleased with Teams and how well it integrates with the rest of Office 365. They cited associated cost savings as a key factor in adopting Teams. For a standard 5,000-user organization, the study reported benefits and costs of roughly $30.3 million and $3.3 million respectively, resulting in an overall net benefit of $27.1 million over three years,” states the report.
In other words, MS Teams can deliver a 10x ROI. How is this possible? According to Forrester, it all comes down to the fact that the tool makes it easier to meet, communicate, and collaborate—which drastically cuts down on the time needed to make decisions and get work done.
What Better Collaboration Looks Like
While it might be hard to believe that improved communication and collaboration could have such a massive financial impact, the cumulative effect of a series of efficiency gains should not be underestimated. According to the Forrester report, MS Teams offers (among others) the following key benefits:
- Employees have fewer meetings—and those meetings tend to be shorter. Teams makes it quick and easy to have virtual meetings, which results in potential savings of $6.9 million.
- Workers save four hours a week thanks to better collaboration and information sharing. With crucial files and conversations all centrally located, there’s less time spent hunting around for information. This can result in savings of $14.3 million.
- Employees save an hour a week because they’re not constantly switching between applications. Crucial apps—especially those within the Microsoft suite—are all easily accessible within Teams, which again means less time wasted. Savings here can be up to $4.8 million.
To see the other seven benefits mentioned, have a look at the full Forrester Total Economic Impact Of Microsoft Teams Report.
SECTION 2
The Legal and Compliance Challenges of Microsoft Teams
While the use of Teams can be beneficial to the organization as a whole, it does introduce certain challenges—specifically for departments like Legal and Compliance.
The financial services industry is a perfect example. As great as it is to be able to easily communicate with clients through channels and chats, MS Teams use must also comply with regulations laid out by entities like the Securities and Exchange Commission (SEC), Financial Industry Regulatory Authority (FINRA), and the Federal Financial Institutions Examination Council (FFIEC).
Microsoft Team Collaboration Tools — The New Email
To understand the recordkeeping and compliance challenges of a modern enterprise collaboration platform like Teams, it’s useful to compare it to email. Although it is hard to imagine today, there was a time when organizations were not entirely sure how emails should be stored and managed to meet compliance needs. As the technology evolved, and regulators and courts started to hand down specific rules and guidance, companies slowly understood what was required of them and implemented robust retention systems and processes.
Today, just about every company understands that employee emails have to be retained for a set period (usually somewhere between three and seven years), and consequently has some sort of email vault or other archiving solution in place. And even if an organization isn’t operating in a highly regulated industry, the threat of litigation makes it a prudent thing to do.
Broadly speaking, emails need to be archived for the following reasons:
- Regulatory Compliance: Meeting the requirements of organizations like the FDIC, FFIEC, FINRA, and IRS, and preparing for related regulatory audits
- Litigation and eDiscovery: Keeping detailed records of communications in the event of a legal matter, both external lawsuits and internal employee matters. As with any digital file, an email can be altered, so it’s important to have an accurate copy of the original.
- Data Security and Knowledge Management: With so much digital information being shared, it’s important for companies to monitor the flow of information and keep close track of what is being shared.
Just like with email, Microsoft Teams content should be collected and preserved to meet the above requirements.
Simply put, if a recordkeeping rule applies to email, it also applies to an enterprise collaboration tool like MS Teams. So any organization looking to understand how it should handle the recordkeeping requirements of Teams need only look at how it currently deals with email. Are every employee’s emails being archived for seven years? Then the same should happen with enterprise collaboration records.
The Recordkeeping Challenges of Microsoft Teams
While the recordkeeping requirements of MS Teams might be similar to those of email, the practical process of collecting and retaining Teams data looks very different.
The fact of the matter is, collaboration tools like Teams are upending traditional approaches to recordkeeping, which is why they are giving records managers, compliance professionals, and legal teams so much trouble.
Companies are used to dealing with discrete records (like emails and PDFs), but Teams has more in common with a social media platform like Facebook. The following characteristics of the platform complicate the recordkeeping process:
- Real-Time Activity: Unlike an email or PDF, content in Teams is always evolving. Not only can users chat and share files in real-time, but they can also edit their posts and delete content. This means that as soon as a record is created (by, for example, taking a screenshot) it is already outdated because the content has been altered.
- Teams’s Multifaceted Nature: Microsoft Teams channels and direct messages contain far more than text messages. They consist of GIFs, reactions, videos, shared files, etc.
- App Integrations and Linked Content: Many popular third-party applications boast Teams integrations. Most importantly, Microsoft’s own vast suite of products all integrate seamlessly with Teams. This results in a great user experience, but when it comes to recordkeeping, untangling this web of linked content can be tricky.
- Complex Data Structures: As alluded to above, understanding where exactly data resides within the Teams ecosystem can be difficult. Files linked in chats and channels can reside within SharePoint, OneDrive, OneNote, etc.
SECTION 3
Microsoft Teams and the Legal Department
As with emails, PDFs, and other electronically stored information (ESI), Microsoft Teams data needs to be taken into account when it comes to the discovery process.
In fact, the argument can be made that Teams is now one of the key data sources that any legal department needs to contend with. During a series of focus groups conducted by Pagefreezer and the Association of Certified E-Discovery Specialists (ACEDS), 85% of in-house legal professionals stated that collaboration app data (especially Teams data) was the most commonly encountered data type related to legal matters.
This is hardly surprising. As collaboration apps have usurped email as the chief mode of communication within organizations, more and more crucial ESI has migrated towards these tools. According to Microsoft, the average Teams user sends around 1,000 messages every month—which adds up quickly when you’re dealing with thousands of employees. This means that an application like Teams is simply too valuable an evidence source to ignore. Given how much communication takes place on Teams these days, it’s highly likely that important information is hiding in the platform—and by ignoring these chats and channels, legal teams are missing crucial information.
In other words, it’s vital that legal teams include Teams data in their investigations and early case assessments, but how can they do this effectively?
Microsoft Teams and the eDiscovery Process
Given how much data is being generated within a Teams instance every single day, it can pose challenges when organizations try to incorporate it into existing eDiscovery workflows.
Enterprise collaboration tools like Microsoft Teams, Slack, and Workplace from Meta require a new approach to eDiscovery. In order to be able to deal with this data effectively, legal teams need to:
- Have easy access to the platform: Legal teams need to be able to access Teams records without the involvement of IT or any other department. If they have to depend on IT support to access Teams records, the process will simply be too complex and time-consuming.
- See edited and deleted content: A particularly incriminating piece of content is likely to be edited or deleted by the user before the legal department has time to collect and preserve it, which means they should have some way of viewing not only content that is currently live on the platform, but also data that has since been edited or deleted.
- Quickly search the platform: With so much data being generated within Teams, trying to find one particular piece of evidence can feel overwhelming. Because of this, legal teams need a way of quickly and thoroughly searching the platform for relevant ESI.
- Export evidence in a defensible format: Once relevant content has been found, it needs to be exported in a defensible format that proves the authenticity of the record, such as a PDF with associated metadata. In many instances, legal teams will also want to export Teams data in a format that can be ingested by an eDiscovery platform like Relativity, Exterro, or ZDiscovery.
Meeting all of these needs in an efficient manner can be difficult if Teams data isn’t managed correctly. We’ll look at how companies can handle Teams data to simplify the lives of legal teams in a little while, but first we’ll also examine what the existence of Teams means for compliance departments.
SECTION 4
Microsoft Teams and the Compliance Department
As stated in “The Legal and Compliance Challenges of Microsoft Teams” section of this document, it’s useful to compare Teams with the recordkeeping requirements of email. If your organization archives all employee emails, it should also be archiving all Teams communications. If a regulator like the SEC or FINRA has laid out recordkeeping requirements that cover email, they also cover Teams communications.
Because of this, the needs of compliance departments are very similar to those of legal teams. Compliance professionals need to:
- Have easy access to the platform to find relevant records.
- See edited and deleted content that’s no longer present on the live platform.
- Quickly search the platform for relevant records.
- Export these records in a defensible format that will be accepted by regulators during an audit.
All Compliance Starts with Records Management
Apart from the issue of recordkeeping requirements, it’s important to realize that all compliance starts with good records management.
The compliance function of an organization can’t effectively assess a firm’s policies, controls, and procedures without access to reliable records of online data. For example, no compliance team can assess the risks of money laundering and terrorist financing without seeing the relevant records and data related to due diligence processes, transactions, and internal and external reporting.
The same considerations apply when it comes to assessing the risk of misselling or market abuse and insider trading. A review will be flawed if financial promotion records, checklists, and transaction records are incomplete.
In other words, there is a very close link between compliance risk and the integrity of online data. If there are no formal controls in place to manage the vast volumes of electronic data, the compliance function will be of little help when there is a regulatory matter. With so much regulatory focus on responsibility and accountability, it is crucial that the integrity of data is maintained and that everyone understands their own responsibilities.
This obviously has massive implications for the use of Microsoft Teams, especially when employees are working remotely and depending on the platform to share documents. If compliance professionals don’t have access to reliable records, the potential repercussions extend far beyond fines related to recordkeeping requirements—every aspect of compliance (including those related to very serious allegations like money laundering, terrorist financing, and misselling) can be impacted.
Monitoring Teams for Compliance
Another issue worth discussing is monitoring. While accurate recordkeeping and good information governance of Teams is crucial to regulatory compliance, active monitoring can go a long way towards preventing compliance issues from escalating—and in many cases prevent them from happening altogether.
Monitoring and Data Loss Prevention (DLP) solutions can be used to notify compliance professionals and other stakeholders as soon as sensitive information (like credit card numbers, social security numbers, bank account numbers, etc.) is shared over Teams.
These monitoring tools can also be used to ensure that use of Teams complies with internal communication policies. As with sensitive information, text patterns can be used to monitor the platform for profanity and other inappropriate language, thereby making it easier to curb bullying and harassment in the workplace.
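The pattern-based monitoring described above can be sketched as follows. This is an added example, not code from the guide or from any DLP product: the message records, rule names, and field names are constructed for illustration. It pairs each text pattern with a validity check (Luhn checksum for card numbers, issuance rules for US social security numbers) to cut false positives, and masks the value so the alert itself does not leak the data.

```python
import re

# Illustrative detection rules written for this example; not the rule set
# of any particular DLP product.
CARD_RE = re.compile(r"\b\d(?:[ -]?\d){12,18}\b")    # 13-19 digits, optional separators
SSN_RE = re.compile(r"\b(\d{3})-(\d{2})-(\d{4})\b")  # US SSN written with dashes

# Constructed sample messages (hypothetical IDs, senders and text).
SAMPLE_MESSAGES = [
    {"id": "m1", "sender": "alice", "text": "Customer card is 4111 1111 1111 1111, exp 04/27"},
    {"id": "m2", "sender": "bob", "text": "Ticket 4111 1111 1111 1112 is still open"},
    {"id": "m3", "sender": "carol", "text": "New hire SSN 123-45-6789 for payroll"},
    {"id": "m4", "sender": "dave", "text": "Dial extension 000-12-3456"},
    {"id": "m5", "sender": "erin", "text": "Lunch at noon?"},
]


def luhn_ok(digits):
    """Return True if the digit string passes the Luhn checksum."""
    total = 0
    for i, ch in enumerate(reversed(digits)):
        d = int(ch)
        if i % 2 == 1:          # double every second digit from the right
            d *= 2
            if d > 9:
                d -= 9
        total += d
    return total % 10 == 0


def ssn_plausible(area, group, serial):
    """Reject values that are never issued: area 000, 666 or 9xx, group 00, serial 0000."""
    return (area not in ("000", "666") and area[0] != "9"
            and group != "00" and serial != "0000")


def mask(value):
    """Keep only the last four characters so the alert does not repeat the secret."""
    return "*" * (len(value) - 4) + value[-4:]


def scan_message(msg):
    """Return a list of findings for one message record."""
    findings = []
    text = msg["text"]
    for m in CARD_RE.finditer(text):
        digits = re.sub(r"\D", "", m.group())
        if luhn_ok(digits):     # a digit run that fails Luhn is not a card number
            findings.append({"message_id": msg["id"], "sender": msg["sender"],
                             "type": "payment_card", "masked": mask(digits)})
    for m in SSN_RE.finditer(text):
        area, group, serial = m.groups()
        if ssn_plausible(area, group, serial):
            findings.append({"message_id": msg["id"], "sender": msg["sender"],
                             "type": "us_ssn", "masked": mask(area + group + serial)})
    return findings


def scan_all(messages):
    """Scan every message and return the combined findings in message order."""
    return [f for msg in messages for f in scan_message(msg)]


if __name__ == "__main__":
    for finding in scan_all(SAMPLE_MESSAGES):
        print(finding)
```

Only the flagged, masked findings need to reach a reviewer, which is what allows monitoring without a person reading every conversation.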
SECTION 5
Mitigating the Legal and Compliance Risks of Teams
Having outlined how Teams data impacts legal and compliance teams, we can now examine how organizations can better manage this data to facilitate legal and compliance requirements.
To help organizations deal with Teams and other team collaboration data, companies should adopt the following risk-mitigating strategies:
- Set Clear Policies: Companies should have formal policies in place that guide the use of team collaboration platforms. There should be a communication policy that outlines how employees should communicate on the platform (no profanity, no bullying behavior, etc.), and there should be a security policy that explains how sensitive data is monitored and protected.
- Provide Mandatory Training: Employees need to be given mandatory Teams training that outlines exactly what acceptable use of the platform looks like and discusses company policies in detail—they shouldn’t be expected to read (and sign) these policies on their own, but should instead be walked through them as a regular part of onboarding. Even though this can be time-consuming, it is one of the most effective tools available in combating improper use of a team collaboration tool.
- Carefully Manage Users, Groups, and Roles: Microsoft Teams allows administrators to manage an incredible number of settings and permissions. Compliance professionals can use these capabilities to greatly reduce the risks associated with the platform. For instance, it’s possible to block file downloads, thereby reducing the risk that employees will download sensitive files onto their local computers.
- Monitor the Platform: As mentioned earlier, companies should ideally monitor Teams to curb data loss, but this doesn’t mean that employees need to be under constant surveillance from IT and HR teams. Modern monitoring and data loss prevention tools can automate this process, necessitating human involvement only once suspicious behavior has been flagged. Large keyword libraries of inappropriate language and sensitive data can be used to monitor conversations in real-time without anyone “spying” on employees.
- Collect and Preserve Teams Data: As mentioned earlier, Teams data can easily become central to a legal matter. And if a case finds its way to court, legal teams would need to submit authenticated evidence. This means Teams data needs to be collected and preserved in a format that would be accepted by a court. The best way to do this is to rely on an eDiscovery solution that automatically collects and preserves this data. (More on this in the next section “Dealing with Microsoft Teams Data for Compliance and eDiscovery”).
- Manage Retention Settings: Another crucial step in managing the eDiscovery and compliance of Teams is implementing correct retention settings. Team collaboration tools allow you to set retention periods for channels and conversations. You want to make sure that these settings align with the retention periods of your larger organization. You might not want to retain messages forever, but you also do not want to delete data too quickly, leaving legal, compliance, and HR teams unable to retrieve these records.
It’s worth diving deeper into the evidence preservation and data retention aspects mentioned above, as these activities often present legal and compliance teams with the biggest challenges. We’ll discuss these in the following section.
SECTION 6
Dealing with Microsoft Teams Data for Compliance and eDiscovery
What does it look like for legal and compliance teams to deal with Teams data in practical terms? Say, for instance, a specific piece of Teams data is needed for a legal matter or regulatory audit. How would teams find that relevant piece of content and export it?
Screenshots of Live Teams Data
The easiest way to tackle this task is to search for the content directly in the platform with the help of Teams’s own search functionality—and once found, to take a screenshot of it.
But this approach has a couple of issues. First, giving various legal and compliance team members admin rights that provide them with access to all private channels can make it easy to find data, but it also runs counter to the principle of least privilege and introduces privacy and security concerns. Moreover, it would not give these investigators access to direct messages between employees, so a significant blind spot would still exist.
Second, taking a screenshot of content directly in the platform doesn’t capture any metadata that would prove its authenticity. The only metadata attached to the screenshot would be that of the JPEG itself, so it would be impossible to prove that the content had not been tampered with in Photoshop or some other image-manipulation tool.
In short, the above is not a scalable or reliable approach to Microsoft Teams recordkeeping.
Microsoft Purview (eDiscovery)
Microsoft Purview is a data governance solution that enables organizations to discover, analyze, and manage their data assets across various platforms and data sources. It provides a unified, centralized view of an organization’s data, helping to ensure that data is accurate, secure, and compliant with regulatory requirements.
Purview can connect to a wide range of data sources, including on-premises, cloud-based, and SaaS data stores, and allows users to search and explore their data using natural language queries. It also provides data lineage and data cataloging capabilities, enabling users to track the origin of their data and understand how it’s being used throughout the organization.
As part of Purview, legal and compliance teams have access to Microsoft eDiscovery. The solution is part of the Microsoft 365 suite of products and services and is designed to help organizations efficiently manage their eDiscovery workflows and comply with legal and regulatory requirements.
With Microsoft eDiscovery, organizations can search and collect data from a wide range of sources, including emails, documents—and Microsoft Teams. The solution includes search and filtering capabilities, as well as features for preserving and exporting data in a legally defensible manner.
Microsoft eDiscovery also includes features for managing and collaborating on eDiscovery cases, such as assigning tasks and roles to team members, tracking case progress, and generating reports. The solution is designed to be scalable and can handle eDiscovery workflows of any size, from small, ad-hoc requests to large, complex cases.
Overall, Microsoft eDiscovery is a robust solution for managing eDiscovery workflows, enabling organizations to reduce the time needed to respond to legal and regulatory requests while ensuring compliance with legal and regulatory requirements.
So is Microsoft eDiscovery the only solution that legal and compliance departments need when dealing with MS Teams data?
Microsoft eDiscovery Standard
The reality is, not all users have access to the full capabilities of Microsoft eDiscovery. In order to make use of advanced features, you need a top-tier Microsoft 365 E5 license. Users on the far more common E3 license are required to accept certain limitations. For instance:
- Rather than automatically searching across the multitude of locations where Microsoft data can potentially reside, users must identify individual locations to be searched, such as a drive or cloud location.
- Targeted collections within Teams will only return search hits, not the surrounding messages in the conversation (which can potentially be very relevant to an investigation).
- Linked files in Teams are not logically connected to their corresponding messages.
- Each Teams message is archived and exported as an individual message item in PST format. This means that legal and compliance professionals are forced to manually reconstruct conversations from PST files, which need to be opened in Microsoft Outlook, where each individual message in a discussion thread is presented as a single email — a slow, frustrating, and error-prone process.
An example of Teams conversations broken into individual PST files. Reconstructing these chats can be slow and frustrating work.
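The reconstruction work described above can be automated once each exported item has been parsed into a record. The sketch below is an added example, not Microsoft's or Pagefreezer's code: the records are constructed, and their field names (`id`, `replyToId`, `createdDateTime`, `lastEditedDateTime`, `deletedDateTime`) are modelled on the Microsoft Graph `chatMessage` resource, with `from` and `body` flattened to plain strings. It rebuilds threads, flags edited and deleted messages, keeps replies whose root message is missing from the export (the "search hits only" case), and adds a SHA-256 digest per thread, which is an assumed way to make later alteration of an export detectable.

```python
import hashlib
import json
from collections import defaultdict

# Constructed sample export: one record per message item, in arbitrary order.
SAMPLE_EXPORT = [
    {"id": "1003", "replyToId": "1001", "createdDateTime": "2023-03-01T09:07:00Z",
     "lastEditedDateTime": None, "deletedDateTime": "2023-03-01T09:08:00Z",
     "from": "carol", "body": ""},
    {"id": "2002", "replyToId": "2001", "createdDateTime": "2023-03-01T10:00:00Z",
     "lastEditedDateTime": None, "deletedDateTime": None,
     "from": "dave", "body": "Agreed, use the second version."},
    {"id": "1001", "replyToId": None, "createdDateTime": "2023-03-01T09:00:00Z",
     "lastEditedDateTime": "2023-03-01T09:10:00Z", "deletedDateTime": None,
     "from": "alice", "body": "Can someone share the Q1 forecast?"},
    {"id": "1002", "replyToId": "1001", "createdDateTime": "2023-03-01T09:05:00Z",
     "lastEditedDateTime": None, "deletedDateTime": None,
     "from": "bob", "body": "Sending the draft now."},
]


def message_flags(msg):
    """Mark messages that were changed after posting."""
    flags = []
    if msg.get("lastEditedDateTime"):
        flags.append("edited")
    if msg.get("deletedDateTime"):
        flags.append("deleted")
    return flags


def thread_digest(thread):
    """SHA-256 over a canonical JSON form of the thread, excluding the digest itself."""
    payload = {k: v for k, v in thread.items() if k != "sha256"}
    canonical = json.dumps(payload, sort_keys=True, separators=(",", ":"))
    return hashlib.sha256(canonical.encode("utf-8")).hexdigest()


def reconstruct_threads(messages):
    """Group flat message items into threads ordered by time."""
    by_id = {m["id"]: m for m in messages}
    replies = defaultdict(list)
    root_ids = set()
    for m in messages:
        if m.get("replyToId") is None:
            root_ids.add(m["id"])
        else:
            replies[m["replyToId"]].append(m)
            root_ids.add(m["replyToId"])   # may point at a message not in the export

    threads = []
    for root_id in root_ids:
        root = by_id.get(root_id)
        # Same-format UTC ISO 8601 timestamps sort correctly as strings.
        ordered = ([root] if root else []) + sorted(
            replies[root_id], key=lambda m: m["createdDateTime"])
        thread = {
            "root_id": root_id,
            "root_missing": root is None,  # context gap a reviewer must know about
            "messages": [{"id": m["id"], "from": m["from"],
                          "createdDateTime": m["createdDateTime"],
                          "flags": message_flags(m), "body": m["body"]}
                         for m in ordered],
        }
        thread["sha256"] = thread_digest(thread)
        threads.append(thread)
    threads.sort(key=lambda t: t["messages"][0]["createdDateTime"])
    return threads


def verify_thread(thread):
    """Return True if the thread still matches the digest recorded at export time."""
    return thread_digest(thread) == thread["sha256"]


if __name__ == "__main__":
    for t in reconstruct_threads(SAMPLE_EXPORT):
        print(t["root_id"], "root missing" if t["root_missing"] else "complete",
              [(m["id"], m["flags"]) for m in t["messages"]], t["sha256"][:16])
```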
What about the top-tier E5 version, called Microsoft eDiscovery Premium? As mentioned, it is a robust solution—but it still has some limitations, especially when it comes to MS Teams. Below are some examples:
- It is expensive compared to the Microsoft E3 license. As a result, many organizations simply do not feel as if the added cost per user can be justified.
- eDiscovery Premium is complex and not particularly user-friendly—onboarding users can require time and effort.
- Searches are slow to execute, especially when dealing with large data volumes. Searching through Teams chats is also challenging. A search often returns replies to a comment and not the original thread.
- PDF exports of Teams data—a very popular format—are not available through Microsoft eDiscovery.
- The tool offers limited customizability in terms of features and design options for specific verticals/users.
- Due to its integration with other Microsoft products, it excels at finding data within that ecosystem. However, searching for information, files, and applications that are not part of Microsoft 365 remains a challenge.
Overall, eDiscovery Premium is a comprehensive solution that is all but a necessity for organizations that make use of the full spectrum of Microsoft solutions. Due to its integration with the Microsoft suite, eDiscovery Premium is incredibly effective at facilitating investigations across MS Office, ProofPoint, OneNote, OneDrive, etc. But when it comes to dealing specifically with Teams chats and channels, eDiscovery Premium is arguably not the best solution—especially if cost is a key factor.
Microsoft Teams Graph API and Export API
The best solution for legal and compliance teams is to adopt a tool that leverages Microsoft’s Teams Export APIs.
In order to simplify compliance and eDiscovery, Microsoft offers APIs that can be used by third-party vendors to offer dedicated solutions. Pagefreezer for Microsoft Teams is exactly this kind of solution.
With Pagefreezer, legal and compliance teams can get access to Teams data through a dashboard that recreates the native platform exactly. So instead of dealing with confusing PST files, content can be viewed in its original context, complete with all the GIFs, videos, emojis, etc.
MS Teams chat conversations are displayed as a message chain within the Pagefreezer platform and can be exported in PDF format for more in-context review.
Legal and compliance professionals can also use advanced search to quickly and accurately deliver relevant content across all users, chats, and channels within Teams.
And when it comes to preparing this data for a legal matter or regulatory audit, Pagefreezer users can instantly select relevant content, add it to a case file, leave comments and notes, and then export this data to local servers. Content is exported in user-friendly PDFs, complete with associated metadata.
All of the above is delivered at an affordable cost that is significantly lower than other license options, while providing legal and compliance departments with a sophisticated tool designed specifically to meet the challenges of Microsoft Teams chats. With a solution like Pagefreezer for Microsoft Teams, finding, reviewing, and exporting Teams content becomes a breeze.
SECTION 7
Conclusion
Like other data sources—such as email clients, websites, and text messaging apps—Microsoft Teams requires the implementation of effective legal and compliance solutions. Given how much communication is taking place over enterprise collaboration platforms these days, ignoring their existence is simply not an option for legal and compliance departments. Their content is guaranteed to become increasingly relevant to legal and regulatory matters.
That said, Teams and other team collaboration tools should not be seen purely as data sources that need to be corralled. Teams also serves as a centralized hub for legal and compliance professionals to access critical information, such as legal documents, policies, and regulations. This helps to ensure that everyone has access to the latest information, reducing the risk of errors and omissions. With the right legal and compliance solutions in place, these platforms can actually improve information governance and make it easier to identify crucial ESI.