Platform
- Data Resiliency Cloud
  Data Resiliency Cloud
  Enterprise Cloud Backup and data management across edge, on-premises and cloud workloads
- Data Protection
  Data Protection
  Modernize data protection to reduce costs and complexity
- Cyber Resiliency
  Cyber Resiliency
  Be ready for cyber attacks with data that is always safe, always ready
  - Accelerated Ransomware Recovery
  - Security Posture & Observability
- Governance & Compliance
  Governance & Compliance
  Secure, protect, and streamline data governance for all your critical data, wherever it lives
  - eDiscovery and Legal Hold
  - Sensitive Data Management
- Take a Tour
Solutions
- Business Drivers
  Business Drivers
  Learn how Druva helps you accelerate key business initiatives
- SaaS Applications
  SaaS Applications
  Druva provides comprehensive data protection that supports multiple SaaS applications from a single platform. Discover the Druva difference today.
- Enterprise Workloads
  - Virtualization
    Virtualization
    Transform data center backup and disaster recovery for virtual environments
    
    VMware
    
    Nutanix
  - Databases
    Databases
    Reduce the cost and complexity of data protection for enterprise databases
    
    Oracle
    
    MS SQL
    
    SAP HANA
  - Files
    Files
    Discover a more cost-efficient way to protect on-premises and cloud NAS
    
    NAS/files
  - Public Cloud
    Public Cloud
    Protect native AWS and Azure deployments with secure backups without the cost and complexity
    
    AWS
    
    Microsoft Azure
- Enterprise Endpoints
  Enterprise Endpoints
  Unify SaaS apps and end-user device protection to reduce data risks. Improve cyber resilience and compliance by protecting enterprise workloads and assets.
- Free Trial
Customers
- Explore All Customer Stories
  We are trusted by the world's leading organizations to protect their data. Explore customer success stories to see how your peers are using Druva.
- Ransomware recovery ready
  Learn why Medallia chose Druva
  
  SaaS data protection across the enterprise
  See why Regeneron partnered with Druva
Resources
- 2023 Gartner® Magic Quadrant™
  See why Druva is recognized as a Visionary
  
  Data Resiliency for Dummies
  Get your guide to data resiliency
Partners
- Strategic Partners
  Strategic Partners
  Learn about Druva's strategic capabilities across platform, OEM, and other partnerships. Find out how Druva accelerates and protects customers' cloud journeys.
  - Dell Technologies
  - AWS
  - VMware
  - Nutanix
- Programs
  Programs
  Learn how you can profit with Druva and a cloud-first SaaS selling motion. Explore partner programs, access resources, and discover the benefits of partnering with Druva.
- Become a Partner
Company
- - Company
  - Leadership
  - Investors
  - Careers
  - Contact Us
  - Newsroom
  - Awards
  - Events
  - Blog
  - Diversity, Equity & Inclusion
- Get in touch with us
  Contact Us
  
  News, product innovations, and more
  Blog
Get Started
Support
Login
Language

6 critical challenges in Microsoft Teams data protection

August 12, 2021 Subha Rama, Sr. Product Marketing Manager, SaaS Apps

Microsoft Teams is unlike any other collaboration application you might have used in the past. It is the hub of all collaboration services in Microsoft 365 — right from channels, tabs, groups, voice, video, whiteboarding, rich presence, and persistent chat to file storage, guest users, and third-party application integrations. More importantly, it is still evolving, with protecting and securing its data proving to be no small tasks.

Amid the ongoing global pandemic, organizations have pivoted to cloud-based platforms like Microsoft 365 to help facilitate more immersive collaboration and ensure undisrupted productivity for a workforce that is fast adapting to remote working. Microsoft Teams itself has seen phenomenal growth in terms of both licensing and usage as it offers functionalities and applications that promise a better hybrid meeting experience.

As of October 2020, Teams reached more than 115 million daily active users who were generating 30 billion collaboration minutes per day.¹ This persistent collaboration is supported by a complex backend process that poses new, unforeseen challenges with a greater probability for security failures. For example, every time a user creates a new Team, a new security group with its members gets created in Azure AD. A hidden mailbox is created in Exchange Online to store the Team chats. If there is a private chat between two persons, that chat data is stored in the individual mailboxes of both the users. A new SharePoint site gets created for each new Team and each private channel gets its own SharePoint site.

Microsoft Teams connected sites

Source: Microsoft²

This complex ecosystem of connected Team and channel sites make it extraordinarily difficult to store, search for, and restore data.

6 critical challenges in Microsoft Teams data protection

There are several aspects to protecting Teams data. First, while it facilitates borderless collaboration, in today’s environment where organizations are facing multiple threats to their sensitive data, Teams greatly increases the attack surface by allowing web services to connect to channels and teams through connectors and webhooks. Second, the sheer scale of active engagement by users on Teams means that voluminous data is created in multiple formats and stored across Teams, Exchange, OneDrive, and SharePoint. Third, Microsoft deliberately designed Teams with an open permissions model – meaning anyone in your organization can create a Team, all Team members will have access to public channels, including chat messages, meeting content and shared files, and any third-party/guest user can access and upload files within the Team. Against this backdrop, let us look at some of the key challenges to protecting Teams data:

Complexity: With chats, channels, tabs, voice, video, and more, data is generated and stored across a diverse array of applications. This makes data location, backup and restore complex.
Evolving API support: The application programming interface (API) for Teams data backup is still evolving, with Microsoft not supporting certain data types. Until recently, voice and video content recorded and stored in Stream could not be backed up. However, Microsoft is in the process of changing storage processes and locations, adding functionality and removing some of these API-related bottlenecks.
Accidental data deletion: There is a growing risk of users accidentally deleting/sharing confidential information, or providing backdoor access to unauthorized third parties via the platform.
Data loss from ransomware and malware: Over the last several months, there has been a rise in the number of Teams-specific attacks as ransomware and malware can be delivered through a number of routes into the application. While Microsoft 365 Defender scans URLs/attachments in emails, those delivered directly to Teams chats are not scanned for malware.
Compromised Teams profiles: Compromised Teams profiles pose an immense danger to organizations as these accounts provide legitimate access to confidential data. Microsoft does not make any assurances for recovering/restoring customer data residing within Teams and the broader Microsoft 365 ecosystem in the event of permanent data loss.
Rule-based native data loss prevention: For data loss prevention (DLP), Microsoft offers only the following options:

Rule-based detection methods (as against powerful machine learning techniques of third-party security vendors that use correlation, behavioral analysis, natural language processing/NLP, and anomaly detection)
Incident management
Remediation workflows

Teams data restore and retention limitations

Teams is built around the fundamental belief that communication and collaboration should be “open,” which is counter-intuitive to the best practices related to secure data governance. Most larger companies follow stringent policies regarding backup, usage, retention, and deletion of data. Data restore becomes especially important for organizations that need to adhere to security and compliance standards such as CCPA, HIPAA, GDPR, SOX, and FedRAMP.

Chart of Teams data restore options and limitations

Customers will need to have a Microsoft 365 E3 or E5 license to use Microsoft’s retention policies, which can be applied to chat and channel messages. In addition to these, many other links, messages, and file types can be retained for compliance purposes. However, this does not include code snippets, voice memos, thumbnails, announcement images, reactions from others in the form of emoticons, emails, and files used with Teams.

Though Teams data gets stored across SharePoint, OneDrive, and Exchange Online, retention policies configured within these applications do not automatically apply to Teams, which makes retention of Teams data a fuzzy process riddled with uncertainty.

Overcoming Teams’ native data protection gaps

Druva offers the speed, flexibility, and granularity to facilitate data protection, retention, and recovery. With Druva, Microsoft 365 customers can back up all Teams data within all channels, including all metadata associated with individual Teams, and user permissions.

Druva supports two different restore functionalities — in-place restore (to the same Team from where the data was backed up), and restore as a copy (to a new channel or Team). This allows for the simple restoration of the following key assets:

Entire Teams
Teams’ settings
Entire channels or files/folders within a channel
Message or post previews
Wiki folders, including individual Wiki files within the folder

Overcome complexity and chaos

There are two critical pieces missing from Microsoft’s approach to data protection and governance for Teams:

The platform supports user self-service for data recovery and admin-driven bulk restores are a problem.
There is no data immutability – your data can be modified, deleted, or encrypted; I have heard customers say they have retention policies in place to counter this, but even then, retention policies can be modified, deleted, or intentionally disabled unless you have subscribed to Microsoft’s Preservation Lock.

With Druva, customers overcome the complexity of managing Teams data by:

Gaining complete visibility of what data is being generated across this complex collaboration ecosystem, how it is being used, shared, stored, and modified
Building context – the ability to identify and classify sensitive data for quick, targeted restores
Surfacing all insights related to their data on a single interface for simple, automated management

Customers no longer need to worry about retention time or storage quota excesses, which would have previously resulted in permanent data loss. Built-in immutability and ransomware protection ensure data in the cloud is always protected.

As your organization evaluates its Microsoft 365 and Teams data protection strategy, take a look at these helpful resources: Microsoft Teams data protection white paper, or read the Teams Q&A blog for finding answers to your most common questions.

¹Microsoft, “Microsoft Teams reaches 115 million DAU—plus, a new daily collaboration minutes metric for Microsoft 365,” Jared Spataro, October 28, 2020.

²Microsoft, “Manage Teams connected sites and channel sites,” Holland Kaviani, June 16, 2021.

6 critical challenges in Microsoft Teams data protection

Microsoft Teams connected sites

6 critical challenges in Microsoft Teams data protection

Teams data restore and retention limitations

Overcoming Teams’ native data protection gaps

Overcome complexity and chaos

Blog

Druva Data Resiliency Cloud

Cloud Backup & Recovery

Data Protection

Governance & Compliance

Cyber Resilience

Business drivers

Workloads

Partners

Customers

Resources

Company