In March, Microsoft made Teams Connect shared channels available for public preview, garnering a lot of buzz. That’s because this new feature doesn’t just make it easier to collaborate with your colleagues; it also streamlines external collaboration, allowing you to invite external partners to join a shared space to have conversations, schedule meetings, co-author files, and more.
This is essential in our new world of hybrid work where virtually connecting and collaborating with external colleagues like vendors, suppliers, customers, and partners is just as important as working digitally with your internal coworkers. Shared channels streamline this collaboration, skipping the cumbersome configuration, provisioning, and permissions that come with guest access.
With worldwide deployment set to be complete sometime this summer, there are a few things you need to keep in mind before enabling this feature to safely leverage shared channels for your next external collaboration.
In case you missed it: check out our detailed shared channels guide to learn more about when you should use them and how to enable them.
Shared Channels Don’t Replace Guest Access
Before shared channels, if you wanted to collaborate in Teams with an external partner your administrators would need to grant them a guest account. This required careful configuration and provisioning to ensure their access was not applied too broadly (which could potentially expose sensitive information).
Shared channels streamline this process by allowing you to create a shared space to collaborate. You can invite external users to the channel without inviting them to the Team that hosts it or even your tenant. Without the need to tenant switch, you lower the likelihood of sprawl, misplaced or duplicated files, and oversharing.
Despite how easy and flexible this makes external collaboration, shared channels do not replace guest access. There are different times that each feature would be better suited.
For example, if you’re working on a short-term program such as a joint event or a one-off project like a white paper, it would be a lot of work for your IT team to provision guest access accounts for those users. This is where shared channels can be particularly helpful since you can create or add these external users to a channel dedicated to this project and easily communicate, connect, and collaborate.
Alternatively, you may have a consultant or vendor that you work with year-round who needs access to many facets of your tenant. In this case, it could cause sprawl to create multiple shared channels for these users to access information that already exists elsewhere. In this situation, giving this person a guest access account makes more sense.
Another thing to note: if you have a user who does not have their own Microsoft account, such as a vendor whose organization uses Google Workspace, you would need to create a guest account for them to access anything in your tenant (including shared channels).
While guest accounts can be tedious–requiring careful configuration and user tenant switching–there are situations in which it’s still a better solution than shared channels, and is an important tool to keep in your toolkit.
Your Governance Policies Need to Be Updated to Include Shared Channels Guidance
While the beauty of shared channels is that your users are never leaving your tenant, inviting external users in will always have risks. If you don’t update your governance policies to reflect and remediate the risks associated with this, your tenant could be vulnerable. Collaboration is great, but you don’t need to sacrifice security for the sake of it.
What’s more, if another organization owns the shared channel your team is working within, they have full options to secure and govern data to meet compliance needs. Before your team shares any sensitive information in another company’s shared channel, you need to verify your partner’s policies to ensure they meet your own standards of data protection.
There are native policies within shared channels to protect your workspace, such as automatically adopting the host tenant’s settings and granting the same sensitivity labels as the parent Team. However, it’s also important to know that everything shared inside a channel can be accessed by anyone who has access to that channel, and if a user is granted access to a file, folder, or notebook in a shared channel, removing the user from the Team or shared channel won’t remove the user’s access to these documents.
You need to educate your team about what collaborating on a shared channel means, including these native policies, so they do not accidentally open your environment to threats or overshare sensitive information. The more they know, the less likely they will make a simple mistake that could unravel your entire operation.
You also need proper policies and reporting in place to ensure your environment stays protected. That’s where AvePoint can help. With tools like AvePoint Policies and Cloud Governance, you can set, enforce, and monitor policies that keep your environment secure. Both are invaluable for protecting your data while enabling easy external collaboration.
Be Wary of the Possibility of Oversharing and Sprawl
Shared channels help prevent accidental oversharing and stop the creation of additional workspaces simply to collaborate with external users. Despite this, both oversharing and sprawl are still a possibility with this new feature.
That’s because shared channels are meant to be a “boundary-less” experience. According to the latest from Microsoft, a Team can have 200 shared channels (which can have 5,000 members), be shared with 50 Teams, and include an infinite number of external users. This “limitlessness” is certainly a perk for collaboration but opens the door to too many users with unnecessary access to these channels.
This not only makes your environment vulnerable but could lead to oversharing. With too many unnecessary and possibly overprivileged users who might be able to create sharing links or even just download and disseminate information, your business-critical and sensitive information could be exposed. One shared link could result in “explicit permission” for a user you never intended to have access to the information stored in your channels.
Plus, you can now have 80+ SharePoint sites for a single Team. This is amazing, as it allows you to create custom and specific document libraries. However, this much room for growth could also be your downfall; despite there being space to spread, you need to create intentional and meaningful information hierarchies and lifecycle rules to ensure data isn’t lost in a sea of Sites just because it can be.
Shared channels save you time and manpower you otherwise would have needed to configure and provision guest accounts, making the feature well-worth any additional measures you must take to prevent oversharing and sprawl. However, you need to be aware that there’s a possibility for both and take intentional steps to secure and manage your team’s use before diving headfirst into shared channels.
The release of shared channels introduces streamlined collaboration in a secure, governable, and compliant environment. With this new feature, co-hosting an event, co-writing a white paper, or collaborating on any sort of external program or project will be a breeze, with less chance of logistics being forgotten, details getting lost in translation, or technology getting in the way of collaboration or productivity.
While this is a very exciting release, you need to take the appropriate precautions when leveraging the new feature to avoid comprising the security of your tenant in the name of collaboration. However, just like any new tool, once you get the hang of it and incorporate appropriate policies, you’ll wonder how you ever got by without it.