Phishing emails are fake messages, designed to look legitimate.
They cost businesses around the world billions of dollars each year. And they get opened by about 30% of people. These emails will generally impersonate a person or company that you trust or deal with, and attempt to trick you using one of three things:
They’ll use a fake person – someone pretending to be someone you know, so that you share information or transfer money into an attacker’s bank account.
They’ll set up a fake site – So that you enter your private information, like passwords or credit card details, or provide a rogue app with permission to access your data.
They’ll create fake attachments – attackers will disguise malware in fake invoices and shipping notification to remotely access your computer or encrypt your files.
How can I prevent phishing emails with Microsoft 365?
To give our teams the best chance of avoiding phishing emails, not only do we need to make people aware of the methods above, we need to configure the features in Microsoft 365 that address them. Starting with Office 365 Advanced Threat Protection
Start with Office 365 Advanced Threat Protection
This is your companies primary defence against phishing emails. While all Office 365 plans come with a built-in anti-phish policy, it’s not even close to what’s offered in Office 365 Advanced Threat Protection, also known as Office 365 ATP.
Once you’ve purchased Office 365 ATP, you should jump into the Security and Compliance centre and check out your anti-phishing policy.
Its default controls are pretty good for detecting phishing emails that impersonate your users, your domains and external contacts. It develops an understanding of how your users and their contacts interact, the addresses and sending infrastructure they use, and identifies anything out of the ordinary. If it detects an impersonation attempt, the message is either quarantined or delivered with a warning.
You can enhance your protection by adding users in roles like CEO or CFO to the targeted user protection feature. You can also add external domains, that you frequently interact with, to the targeted domains feature.
Use a mail transport rule to warn on external impersonation
You can configure a mail rule that applies a warning to messages where an external sender uses a display name that matches someone internally in your company. We have an example rule on our website that has been pretty popular amongst smaller organisations.
So that helps address fake senders, how about fake attachments and fake websites? Office 365 ATP addresses these with the Safe Attachments and Safe Links policies.
Detect malicious attachments with Safe Attachments policy
The safe attachments policy can protect your users from malware sent by phishing emails, like the COVID-19 phishing campaign that used Excel files to install a malicious remote access tool. The Safe Attachments feature analyses your attachments in a separate environment, running a bunch of checks for malware then blocking the email or removing the unsafe attachment.
Detect malicious websites with a Safe Links Policy
The Safe links policy scans your URLs in emails for links to malicious sites. If a malicious website is detected, Safe Links blocks users from visiting it.
Remove phishing emails from mailboxes after delivery
These tools work by analysing messages for known malware, bad links or untrusted senders and stopping them arriving. But what happens if a bad email gets through, and the system doesn’t realise until later?
You should configure Zero Hour Auto Purge. Zero Hour Auto purge removes bad messages from your mailboxes retroactively and sends them junk, quarantine or deleted items.
Set up Office 365 ATP and Exchange Online Protection with recommended best practices
I’ve just discussed four different security policies in a few minutes. If you’ve spent any time looking at ATP or Exchange Online Protection policies, you’ll probably notice there’s a lot of policies, and most of them are already set up. Should you change anything or leave them as they are?
It would help if you changed them, and Microsoft has two levels of recommended best practices that they say will prevent most unwanted messages from reaching your team.
These two levels are called Strict and Standard. In our experience, Strict is very strict, but it’s a good starting point that you can enable first, and adjust later.
Test users by simulating a phishing campaign
Once your policies are set up, you should test your users. If you purchase Office 365 ATP Plan 2, you can run attack simulations against your team. Attack Simulations can help you identify and find vulnerable users before a real attack impacts them.
Protect your accounts if your team gives up their credentials
But what happens when messages get through? What happens when users get duped and provide their login details to attackers?
Protect your accounts. If a user enters their credentials into a fake website, we need to make sure an attacker can’t use these credentials alone to log in. All Office and Microsoft 365 plans allow you to configure multi-factor authentication; this will ensure that attackers can’t log in without having access to an additional form of verification such as a phone or authentication token.
If you have a plan that includes Azure Identity Protection, you should set up a sign-in risk policy to monitor for unusual logins. These policies use machine learning to detect suspicious activity and can temporarily block sign-ins and accounts if something’s amiss.
Monitor for unusual applications with access to your users’ data.
Now that accounts are getting more secure by default, attackers are requesting access to user data via apps. And it’s worse if they manage to trick an admin user because then attackers can have longstanding access to an entire organisation that persists even when passwords are changed.
It can be challenging to detect if a user clicks a phishing link and provides a rogue app with access to their mailbox, OneDrive or SharePoint data. So you use Microsoft Cloud App Security to get alerted to unusual oAuth applications with access to your teams’ information.
Be extra vigilant if your data has been exposed in the past
Take extra care if you, or companies you regularly interact with, have been breached before. If attackers have had access to your company data and know who usually communicates with who, and for what purposes, they will try to exploit that information by setting up fake emails to hold their fake conversations with their fake invoices to get your real money.
Need help with phishing in Office 365 or Microsoft 365?
If you need assistance setting-up these policies in your organisation or need a hand cleaning up after a successful phishing attack in Microsoft 365, we’d be happy to help. Reach out to us via chat, or using the form below.
//gcits.com.au/wp-content/uploads/GCITSlogowordpress.png00Elliot Munro//gcits.com.au/wp-content/uploads/GCITSlogowordpress.pngElliot Munro2020-05-27 17:33:392020-05-27 20:42:02How do I stop phishing emails?
While most organisations take measures to prevent and protect against external cyber-attacks, many don’t protect themselves against accidental leaks by their internal staff.
Sending private information to the wrong person can put an organisation’s reputation on the line and have a dramatic effect on the disclosed party. Under Australia’s Privacy Laws, businesses need to have security measures in place to protect personal data from being leaked unintentionally.
How does an accidental data breach occur?
It’s often a staff member sending an email to the wrong person or inadvertently attaching a document that contains sensitive information. It could also be sending Personally Identifiable Information like Tax File Numbers, Credit Card numbers or Medical information over insecure channels.
What steps can I take to prevent accidental data leakage?
It may be obvious, but it starts with user education.
Document your best-practices and train users on what types of information they can share outside of the organisation.
But what can we configure to make sure we detect and catch any mistakes before they go out?
Microsoft has tools that can prevent sensitive information from being sent unintentionally. Here is a brief list of each tool and what they can do:
Communication Compliance
Communication Compliance is the latest addition to Microsoft’s insider-risk toolset. Communication Compliance helps you detect, capture and take remediation actions when your team sends inappropriate messages.
So what’s an inappropriate message? It can be something that goes against HR policies, like the sending of harassment, inappropriate or offensive language. It can also detect adult, racy or gory images. You can use pre-configured templates to identify sensitive information types or create a custom policy that can detect references to confidential internal projects.
Once a message is detected, communication compliance triggers an alert for investigation and remediation.
Data Loss Prevention
While communication compliance can monitor messages for inappropriate or sensitive information, data loss prevention policies can prevent them from being sent. Data-loss Prevention policies allow you to block, or impose conditions on the sharing of sensitive information.
With DLP, you can specify types of content that cannot leave your organisation. Sensitive info types include credit card information, tax file numbers, drivers license information and more. Microsoft 365 scans the content of your email, attachments and shared files and can either notify you or prevent it from being sent.
Office 365 message encryption
You can encrypt email and attachments to ensure that only the intended recipients can view their contents. You can also prevent recipients from forwarding, saving, copying or printing your email and attachments. Encryption can be applied by default to all messages, enabled manually by users, or automatically based on the type of information you’re sharing.
Sensitivity labels
Your files can be labelled according to their sensitivity level, and policies can be applied relating to these levels. By appropriately labelling files and emails, you can ensure that your most sensitive information is only accessible by trusted recipients no matter where it ends up.
You don’t have to rely on a user labelling content based on an arbitrary choice. Automated file labelling scans the content of your file and applies a sensitivity label based on its content.
Use built-in external sharing alerts
Configure built-in alerts for external sharing. Alerts in Microsoft 365 can notify you each time a user shares information externally, or when an unusual volume of external sharing occurs.
Microsoft Cloud App Security
Cloud App Security can detect suspicious activities across Microsoft 365 and third-party cloud apps. For example, it can let you know if someone performs a mass delete or download of your information from SharePoint, OneDrive, Dropbox Business, Google Drive or Box.
Cloud App Security also provides detailed reports and insights into how your information is shared externally.
Share files via cloud storage
A better way to share data is via cloud storage rather than email attachments. Using cloud storage, you can create links to files, set access control and timed expiry – as well as revoke access. You can also view audit logs of file access to understand who is viewing your information. Sending files as attachments is a less secure way of sharing data – if you have to use it, you should ensure your encrypting messages with file attachments or using sensitive labels to protect them.
Need help protecting your sensitive data?
Naturally, there is significant consideration and configuration to apply these settings and privacy controls for your organisation. At GCITS, we have experience in cloud environments with complex security requirements. We have developed a typical security profile based on the Australian businesses that we most often service.
We can deploy these security solutions with minimal disruption. Your team can work with unimpeded access to clients, suppliers and teammates knowing that automated safety nets are in place.
//gcits.com.au/wp-content/uploads/GCITSlogowordpress.png00Elliot Munro//gcits.com.au/wp-content/uploads/GCITSlogowordpress.pngElliot Munro2020-05-22 11:50:512020-05-22 12:23:48How do I prevent staff accidentally sending personal information outside the organisation?
On April 21, 2020, Microsoft rebranded it’s small and medium business Office 365 products to Microsoft 365. This resulted in a name change for the popular Microsoft 365 Business product as well, which is now called Microsoft 365 Business Premium.
Note that the pricing and makeup of the plans haven’t changed, just the names.
Previously called
Now called
What it has
Office 365 Business Essentials
Microsoft 365 Business Basic
Cloud Services
Office 365 Business Premium
Microsoft 365 Business Standard
Cloud services and desktop apps
Microsoft 365 Business
Microsoft 365 Business Premium
Cloud services, desktop apps and advanced security
We’ve been advocates of Microsoft 365 Business Premium for a while now. We believe it’s the best value Microsoft 365 product around for businesses with under 300 users.
Want to know how to protect your data in Microsoft 365 Business Premium? Download our free guide to learn what features to switch on.
So why do we think you should go with Microsoft 365 Business Premium over Basic or Standard?
For us, it comes down to the Microsoft 365 Business Premium’s advanced security and compliance features.
Security and Compliance features of Microsoft 365 Business Premium
Microsoft 365 Business Premium includes advanced security features that are not present in the lower tier plans. These include:
Malware and Phishing protection with Office 365 Advanced Threat Protection
Microsoft 365 Safe Links and Safe Attachment policies protect against known and zero-day malware. Anti-Phishing policies protect users against phishing attacks using mailbox intelligence and machine-learning enhanced sender reputation checks.
Enhanced security for identities with Conditional Access
Conditional Access policies help balance security and productivity by applying the right security measures at the right time. For instance, if Microsoft 365 detects a risky sign-in from an unexpected location or non-compliant device, it can prompt for multi-factor authentication or block access to the user.
Enforce encryption on devices using Microsoft Intune
We can use Microsoft Intune to protect data on devices in the event of loss or theft. Microsoft Intune can configure Windows BitLocker, Apple’s File Vault, and encryption settings on Android and iOS devices.
Classify and protect confidential information with Azure Information Protection
Azure information protection helps companies use sensitivity labels and policies to classify and protect data. Built-in labels include Personal, Public, General, Confidential and Highly Confidential.
Depending on what label is applied, a policy can be used to protect it. These policies can enforce encryption, apply watermarks, prevent it from leaving your organisation and more.
Control company data on PCs with Windows Information protection
Many people use the same computer for both work and personal tasks. Windows Information protection tags files as ‘Work’ if they are generated by, or saved from, a corporate app. Files tagged as ‘Work’ are subject to the controls defined in your Information Protection policies. These files can:
be encrypted
prevented from being uploaded or shared via unmanaged apps
remotely wiped without affecting personal data.
Control access to sensitive emails with Information Rights Management
Information Rights Management allows your team to apply restrictions like “Do Not Copy” for specific documents and emails. When a recipient receives the email or document, they’ll be unable to forward, save, print or copy it.
Prevent sharing of sensitive info with Data Loss Prevention
Data Loss Prevention policies monitor the types of data that are uploaded to and shared outside your company. This info could be tax file numbers, credit card information, drivers license details and many more. When sensitive information is detected, the Data Loss Prevention policy can encrypt the message, notify the sender, alert an admin or block the message from being sent or file uploaded.
Remotely wipe company data and enforce security on devices with Microsoft Intune
Microsoft Intune lets us enforce security requirements on the devices that access company data. These could include requiring a strong password and encryption on phones and only allowing access via company-approved apps. When employees leave the company, Microsoft 365 can remotely wipe company data from the device without affecting personal info.
Unlimited archive for email
Microsoft 365 Business Premium provides practically unlimited storage for your email. Alongside the standard 50GB mailbox, users can access an unlimited archive of their email in Outlook.
Want to enable advanced security in Microsoft 365 Business Premium?
While you get all the above features with Microsoft 365 Business Premium, you still need to configure them to suit your business and requirements. You can outsource the security of your cloud environment to GCITS. Get in touch for an expert assessment, and we can ensure the ongoing state management of these essential security policies.
//gcits.com.au/wp-content/uploads/GCITSlogowordpress.png00Elliot Munro//gcits.com.au/wp-content/uploads/GCITSlogowordpress.pngElliot Munro2020-04-23 13:11:132020-04-23 13:41:38What is Microsoft 365 Business Premium?
Australia’s reported data breaches increased by 19% in the last quarter of 2019. In this short post, we break down what caused them and how you can protect your business.
Australian organisations are now subject to Notifiable Data Breach laws. These laws attempt to drive better security standards for protecting personal information, and they require organisations to disclose breaches to the Office of Australian Information Commissioner (OAIC).
Companies who fail to disclose may be subject to hefty fines which also extend personally to company directors.
Want to protect sensitive information in Microsoft 365? Download our free Microsoft 365 Data Protection guide.
The OAIC releases a quarterly report on reported data breaches. The latest contains records up to December 2019 with a total of 537 reported breaches which break down into the following categories:
Malicious or criminal attack – 64%
Human Error – 32%
System Fault – 4%
To adequately protect your business against data breaches, you need to implement a system that addresses all three categories.
Protecting your organisation against malicious or criminal attacks
Let’s look at the methods hackers used to breach Australian businesses.
Of the ‘Malicious or criminal attack’ category, 74% of breaches involved compromised credentials. These are known as identity attacks because they use a compromised identity to gain unauthorised access. According to Microsoft, by implementing Multi-Factor Authentication across all users, an organisation can defend itself against 99.9% of identity-based attacks.
Ransomware and Malware made up another 16% of ‘Malicious or criminal attack’ breaches. These can be prevented by implementing a capable desktop and email threat protection engine such as:
Office 365 Advanced Threat Protection
Microsoft Defender Advanced Threat Protection.
Protecting your organisation against human error related breaches
Of the ‘Human Error’ category, 42% of breaches occurred using email. An example of this might be sending sensitive data to the wrong recipient. Companies can prevent this kind of breach by implementing a system which scans outbound email.
If the system determines that the email contains sensitive information, it can immediately block the mail delivery or alert a team member.
Protecting your organisation against System Fault breaches
Protecting your organization against system fault breaches relies on a combination of luck and due diligence. According to the OAIC, these types of breaches involve ‘disclosure of personal information on a website due to a bug in the web code, or a machine fault that results in a document containing personal information being sent to the wrong person.’
To defend against system faults, we recommend storing your sensitive data with reputable vendors only and choosing an IT partner who will regularly monitor and maintain your systems.
How can we help secure your environment against data breaches?
We use a combination of Microsoft 365 Business Premium and Microsoft Cloud App Security to implement enhanced cybersecurity for small businesses.
It’s not enough to simply buy the Microsoft licenses and apply them to your users.
To be effective in the modern threat landscape, these systems must be configured and monitored with policies applied and adhered to.
Want to learn more about protecting your data against breaches in Microsoft 365? Download our free guide on which features you should configure, or get in touch today.
Now more than ever, being able to work remotely is of critical importance. Ensuring that employees have the right tools to work from home or in isolation, is a real concern for business owners.
Why do we recommend Dropbox Business instead of OneDrive and SharePoint?
This is a question we’re asked occasionally and it’s something we’ve given a lot of consideration. Why do we deploy Dropbox Business for our customers? We’re a Microsoft Gold Partner, it’d make sense for us to go with OneDrive and SharePoint, right?
Ultimately it comes down to reliability and user experience. We can still roll out and secure Dropbox Business using Microsoft identities and security tools while providing a simple, reliable experience to our customers.
Here’s an overview of why we deploy Dropbox Business over OneDrive & SharePoint:
Download the full article here
Reliability
Generally speaking, the Dropbox client just works.
This is extremely important to us. A Dropbox keynote speaker once commented: “Dropbox doesn’t just keep files in sync, it keeps teams in sync.” It’s marketing talk, but it makes sense.
When the tool that keeps your team in sync doesn’t work reliably, not only can you lose trust in it, but you can lose trust in your team. You’ll never know if the reason the files aren’t there is because the syncing isn’t working, or because your team members haven’t done their job. And when it does come back online, are all the changes and files there? Are there conflicts? How will we know without checking each affected device and team member? It may seem trivial, but in our experience, the emotional impact of an unreliable sync client is a very real thing.
Ease of Use
Dropbox eases the digital transformation curve for users who are familiar with working via Windows Explorer or Mac Finder. Users can take advantage of the improved mobility, security and external collaboration features at their own pace.
The New Dropbox Desktop App is good
The new Dropbox Desktop App actually works quite well. It has a familiar file explorer/finder layout with additional enhancements that make it easier for employees to collaborate and comment on files and turn folders into productive workspaces called Dropbox Spaces.
Single Sign-on is simple to use
Single Sign-on allows users to use their Office 365 account to log into multiple services. If a user is signed into their computer with Office 365, they can sign into the Dropbox App or website without needing to re-enter their credentials. Granted, this is also the case for OneDrive and SharePoint, but we are often asked about how seamless Dropbox’s integration is.
Simple sharing
Dropbox has an easy sharing interface, in the browser, on the desktop and using mobile apps.
On the desktop, users can right-click on folders, click Share and send off an invitation to collaborate on the file or folder.
In the browser, users can mouse over a file or folder, click Share and do the same.
In mobile apps, users can tap the menu icon under each file or folder to share with anyone.
Office 365 and GSuite support
Dropbox supports both Microsoft’s Office Online and Google GSuite web apps to allow for the creation and editing of documents from anywhere. Users who work on files via the browser in Office 365 or GSuite will see little difference when switching to Dropbox Business.
Microsoft Cloud App Security
Microsoft Cloud App Security provides an additional level of alerting and data protection policy over Dropbox Business. This is especially handy for detecting malicious insider activity such as mass deletes and downloads. Using Cloud App Security we can guard against scenarios where employees accidentally or intentionally delete or download company data.
Built-in security policies
The built-in security policies are also quite good for Dropbox Business. Unlike the basic Office 365 plans, Dropbox actually notifies you if someone accesses your account from a new browser, or connects a new device to your account.
It’s also very simple to lock down sharing as required for certain files and folders. It’s easy to ensure that certain files and folders cannot be shared outside the company, or shared with anyone at all.
Want more information? For a comprehensive White Paper on why we choose Dropbox Business, fill out the form below.
//gcits.com.au/wp-content/uploads/GCITSlogowordpress.png00Elliot Munro//gcits.com.au/wp-content/uploads/GCITSlogowordpress.pngElliot Munro2020-03-20 09:30:422020-03-20 17:16:52Should I use Dropbox Business or SharePoint and OneDrive?
We’ve been providing Dropbox Business as a core part of our Managed Services for a few years now, and have received great feedback from customers for its simplicity and reliability.
Our customers get a seamless solution with Dropbox Business and Microsoft 365, with single sign on through Azure Active Directory, advanced protection via Microsoft Cloud App Security and an excellent integration with Office Online.
We’re thrilled to announce that we have completed the customer satisfaction and training requirements to become the first Dropbox Business Elite Partner in Australia and New Zealand. And we’re pretty happy with the smash cake too.
//gcits.com.au/wp-content/uploads/GCITSlogowordpress.png00Elliot Munro//gcits.com.au/wp-content/uploads/GCITSlogowordpress.pngElliot Munro2018-11-26 15:50:412019-04-03 00:43:29GCITS are the first Dropbox Elite Partners in Australia and New Zealand
This update will bring extra document management capabilities from SharePoint into Microsoft Teams.
The current Microsoft Teams files experience
The document storage and collaboration functionality in Microsoft Teams is built on SharePoint. Every Microsoft Team is also an Office 365 Group, and each team has a group-connected SharePoint site which stores all the files shared amongst the team.
You can already reach this site from the files tab of your Microsoft Teams channels, however the experience within Teams is a bit limited.
An updated Document Library experience in Microsoft Teams
This update brings the full functionality of a SharePoint Document Library into Microsoft Teams. With the ability to add and manage custom columns, sort and filter files with custom views, trigger workflows and much more.
Sync files from Microsoft Teams with your PC or Mac
This is the standout feature in this update. The ability to sync files with a PC or Mac will be available from within Microsoft teams. At Ignite this year, Microsoft demonstrated the new interface during the Content Collaboration in the Modern Workplace – BRK2451 session.
This screen capture demonstrates custom columns, views and formatting, as well as the new sync button within Microsoft Teams.
//gcits.com.au/wp-content/uploads/GCITSlogowordpress.png00Elliot Munro//gcits.com.au/wp-content/uploads/GCITSlogowordpress.pngElliot Munro2018-10-30 13:46:062019-02-21 13:23:30A new SharePoint-powered files experience is coming to Microsoft Teams
Office 365 Advanced Threat protection and Office 365 threat intelligence logs can now be integrated into your SIEM solution.
Threats discovered by these services can be made available on the audit.general workload of the Office 365 Management APIs.
What are the Office 365 Management APIs?
The Office 365 Management APIs are essentially the API version of the Office 365 Unified Audit Log
To get your Office 365 ATP info into your SIEM, you’ll need to have the Unified Audit Log enabled for your tenant. Unfortunately, it’s not enabled by default.
How to enable the Office 365 Unified Audit Log
The Office 365 Unified Audit Log is an important and useful tool which can help you secure your Microsoft Cloud environment. If you’re a Microsoft Partner, we have a longer article on enabling this for your customers’ tenants here, but to enable it for a single tenant, you have two options.
Enable the Office 365 Unified Audit Log via the Security and Compliance Center
You can log into the Security and Compliance Center at protection.office.com as a global or security administrator.
You’ll find the setting under Search and Investigation, Audit Log Search.
If the audit log isn’t enabled, click Start recording user and admin activities
Enable the Office 365 Unified Audit Log via Powershell
Connect your SIEM to the Office 365 Management APIs
Once the audit log is enabled, threats discovered by Office 365 ATP and Threat Intelligence will be available on the audit.general endpoint of the Office 365 Management API. For more information on setting this up, see the official Microsoft documentation here.
//gcits.com.au/wp-content/uploads/GCITSlogowordpress.png00Elliot Munro//gcits.com.au/wp-content/uploads/GCITSlogowordpress.pngElliot Munro2018-10-30 12:48:312019-02-21 13:23:31Office 365 ATP can now be integrated into your SIEM
You’ve been able to open shared calendars in Outlook for iOS and Outlook for Android for a little while now, however this update makes it a lot easier.
How did Shared Calendars on Outlook for Mobile previously work?
The person who owned the calendar would send you a sharing invite
You accept the invite from within the Outlook mobile app
The shared calendar is added to your phone.
With this update to Outlook for iOS, you can now open calendars that are already shared with you.
How to open a shared calendar in Outlook for iOS
Switch to your calendars in Outlook for iOS
Open the the left menu
Tap the add calendar button
Tap Add Shared Calendars
Search for the person or group whose calendar you already have permission to access, then tap the add button next to their name
The calendar will appear in your list
Can you open Shared Calendars on Outlook for Android too?
Yep, this feature is also available for Outlook for Android.
//gcits.com.au/wp-content/uploads/GCITSlogowordpress.png00Elliot Munro//gcits.com.au/wp-content/uploads/GCITSlogowordpress.pngElliot Munro2018-10-25 23:09:342019-02-21 13:23:31Open a shared calendar in Outlook for iOS
Org-Wide Teams in Microsoft Teams let you create a single Microsoft Team that includes all internal users in your organisation. However, Microsoft recommends that you make some changes to the team’s settings to cut down on excess noise and notifications.
What is an Org-Wide Microsoft Team?
An Org-Wide team in Microsoft Teams is just a team that includes everybody in your organisation. Its member list will automatically update as users come and go, and while it currently supports up to 1000 users, there are plans to increase this limit.
How do you create an Org-Wide Microsoft Team?
Creating an org-wide team is quite simple, just choose the Org-Wide team option from the drop-down when creating a new team at https://teams.microsoft.com
What are some best practices for Org-Wide Microsoft Teams?
If you have a lot of users in your organisation, these types of teams could quickly become very noisy and distracting.
To reduce excess notifications and noise, Microsoft have some best practice recommendations.
Only let team owners post on the General channel
You do this under Manage team
Click Settings, then Member permissions, then select Only owners can post messages.
Disable @mentions for the whole team
You’ll probably want to disable @mentions for the whole team, since that can send a notification to up to a thousand people at once.
You can do this do this under Settings, @mentions, Show members the option to @team or @[team name].
Automatically favorite important channels
Switch to the channels tab and tick Auto-favorite on the channels you would like to show up by default.
Also note that while the video above states that the feature is still in development, it has since been marked as launched.
//gcits.com.au/wp-content/uploads/GCITSlogowordpress.png00Elliot Munro//gcits.com.au/wp-content/uploads/GCITSlogowordpress.pngElliot Munro2018-10-22 10:13:072019-02-21 13:23:32Org-Wide teams in Microsoft Teams
We may request cookies to be set on your device. We use cookies to let us know when you visit our websites, how you interact with us, to enrich your user experience, and to customize your relationship with our website.
Click on the different category headings to find out more. You can also change some of your preferences. Note that blocking some types of cookies may impact your experience on our websites and the services we are able to offer.
Essential Website Cookies
These cookies are strictly necessary to provide you with services available through our website and to use some of its features.
Because these cookies are strictly necessary to deliver the website, refuseing them will have impact how our site functions. You always can block or delete cookies by changing your browser settings and force blocking all cookies on this website. But this will always prompt you to accept/refuse cookies when revisiting our site.
We fully respect if you want to refuse cookies but to avoid asking you again and again kindly allow us to store a cookie for that. You are free to opt out any time or opt in for other cookies to get a better experience. If you refuse cookies we will remove all set cookies in our domain.
We provide you with a list of stored cookies on your computer in our domain so you can check what we stored. Due to security reasons we are not able to show or modify cookies from other domains. You can check these in your browser security settings.
Google Analytics Cookies
These cookies collect information that is used either in aggregate form to help us understand how our website is being used or how effective our marketing campaigns are, or to help us customize our website and application for you in order to enhance your experience.
If you do not want that we track your visit to our site you can disable tracking in your browser here:
Other external services
We also use different external services like Google Webfonts, Google Maps, and external Video providers. Since these providers may collect personal data like your IP address we allow you to block them here. Please be aware that this might heavily reduce the functionality and appearance of our site. Changes will take effect once you reload the page.
Google Webfont Settings:
Google Map Settings:
Google reCaptcha Settings:
Vimeo and Youtube video embeds:
Other cookies
The following cookies are also needed - You can choose if you want to allow them:
How do I stop phishing emails?
Exchange, Malware and Security Threats, Microsoft 365, Microsoft Cloud App SecurityWhat are phishing emails?
Phishing emails are fake messages, designed to look legitimate.
They cost businesses around the world billions of dollars each year. And they get opened by about 30% of people. These emails will generally impersonate a person or company that you trust or deal with, and attempt to trick you using one of three things:
They’ll use a fake person – someone pretending to be someone you know, so that you share information or transfer money into an attacker’s bank account.
They’ll set up a fake site – So that you enter your private information, like passwords or credit card details, or provide a rogue app with permission to access your data.
They’ll create fake attachments – attackers will disguise malware in fake invoices and shipping notification to remotely access your computer or encrypt your files.
How can I prevent phishing emails with Microsoft 365?
To give our teams the best chance of avoiding phishing emails, not only do we need to make people aware of the methods above, we need to configure the features in Microsoft 365 that address them. Starting with Office 365 Advanced Threat Protection
Start with Office 365 Advanced Threat Protection
This is your companies primary defence against phishing emails. While all Office 365 plans come with a built-in anti-phish policy, it’s not even close to what’s offered in Office 365 Advanced Threat Protection, also known as Office 365 ATP.
Once you’ve purchased Office 365 ATP, you should jump into the Security and Compliance centre and check out your anti-phishing policy.
Its default controls are pretty good for detecting phishing emails that impersonate your users, your domains and external contacts. It develops an understanding of how your users and their contacts interact, the addresses and sending infrastructure they use, and identifies anything out of the ordinary. If it detects an impersonation attempt, the message is either quarantined or delivered with a warning.
You can enhance your protection by adding users in roles like CEO or CFO to the targeted user protection feature. You can also add external domains, that you frequently interact with, to the targeted domains feature.
Use a mail transport rule to warn on external impersonation
You can configure a mail rule that applies a warning to messages where an external sender uses a display name that matches someone internally in your company. We have an example rule on our website that has been pretty popular amongst smaller organisations.
So that helps address fake senders, how about fake attachments and fake websites? Office 365 ATP addresses these with the Safe Attachments and Safe Links policies.
Detect malicious attachments with Safe Attachments policy
The safe attachments policy can protect your users from malware sent by phishing emails, like the COVID-19 phishing campaign that used Excel files to install a malicious remote access tool. The Safe Attachments feature analyses your attachments in a separate environment, running a bunch of checks for malware then blocking the email or removing the unsafe attachment.
Detect malicious websites with a Safe Links Policy
The Safe links policy scans your URLs in emails for links to malicious sites. If a malicious website is detected, Safe Links blocks users from visiting it.
Remove phishing emails from mailboxes after delivery
These tools work by analysing messages for known malware, bad links or untrusted senders and stopping them arriving. But what happens if a bad email gets through, and the system doesn’t realise until later?
You should configure Zero Hour Auto Purge. Zero Hour Auto purge removes bad messages from your mailboxes retroactively and sends them junk, quarantine or deleted items.
Set up Office 365 ATP and Exchange Online Protection with recommended best practices
I’ve just discussed four different security policies in a few minutes. If you’ve spent any time looking at ATP or Exchange Online Protection policies, you’ll probably notice there’s a lot of policies, and most of them are already set up. Should you change anything or leave them as they are?
It would help if you changed them, and Microsoft has two levels of recommended best practices that they say will prevent most unwanted messages from reaching your team.
These two levels are called Strict and Standard. In our experience, Strict is very strict, but it’s a good starting point that you can enable first, and adjust later.
Test users by simulating a phishing campaign
Once your policies are set up, you should test your users. If you purchase Office 365 ATP Plan 2, you can run attack simulations against your team. Attack Simulations can help you identify and find vulnerable users before a real attack impacts them.
Protect your accounts if your team gives up their credentials
But what happens when messages get through? What happens when users get duped and provide their login details to attackers?
Protect your accounts. If a user enters their credentials into a fake website, we need to make sure an attacker can’t use these credentials alone to log in. All Office and Microsoft 365 plans allow you to configure multi-factor authentication; this will ensure that attackers can’t log in without having access to an additional form of verification such as a phone or authentication token.
If you have a plan that includes Azure Identity Protection, you should set up a sign-in risk policy to monitor for unusual logins. These policies use machine learning to detect suspicious activity and can temporarily block sign-ins and accounts if something’s amiss.
Monitor for unusual applications with access to your users’ data.
Now that accounts are getting more secure by default, attackers are requesting access to user data via apps. And it’s worse if they manage to trick an admin user because then attackers can have longstanding access to an entire organisation that persists even when passwords are changed.
It can be challenging to detect if a user clicks a phishing link and provides a rogue app with access to their mailbox, OneDrive or SharePoint data. So you use Microsoft Cloud App Security to get alerted to unusual oAuth applications with access to your teams’ information.
Be extra vigilant if your data has been exposed in the past
Take extra care if you, or companies you regularly interact with, have been breached before. If attackers have had access to your company data and know who usually communicates with who, and for what purposes, they will try to exploit that information by setting up fake emails to hold their fake conversations with their fake invoices to get your real money.
Need help with phishing in Office 365 or Microsoft 365?
If you need assistance setting-up these policies in your organisation or need a hand cleaning up after a successful phishing attack in Microsoft 365, we’d be happy to help. Reach out to us via chat, or using the form below.
How do I prevent staff accidentally sending personal information outside the organisation?
Data Loss Prevention, Microsoft 365, Microsoft Cloud App SecurityWhile most organisations take measures to prevent and protect against external cyber-attacks, many don’t protect themselves against accidental leaks by their internal staff.
Accidental disclosure is the unintentional release or sharing of sensitive information. In Australia, human error was the cause of 32% of reported data breaches in the last half of 2019.
Sending private information to the wrong person can put an organisation’s reputation on the line and have a dramatic effect on the disclosed party. Under Australia’s Privacy Laws, businesses need to have security measures in place to protect personal data from being leaked unintentionally.
How does an accidental data breach occur?
It’s often a staff member sending an email to the wrong person or inadvertently attaching a document that contains sensitive information. It could also be sending Personally Identifiable Information like Tax File Numbers, Credit Card numbers or Medical information over insecure channels.
What steps can I take to prevent accidental data leakage?
It may be obvious, but it starts with user education.
Document your best-practices and train users on what types of information they can share outside of the organisation.
But what can we configure to make sure we detect and catch any mistakes before they go out?
Microsoft has tools that can prevent sensitive information from being sent unintentionally. Here is a brief list of each tool and what they can do:
Communication Compliance
Communication Compliance is the latest addition to Microsoft’s insider-risk toolset. Communication Compliance helps you detect, capture and take remediation actions when your team sends inappropriate messages.
So what’s an inappropriate message? It can be something that goes against HR policies, like the sending of harassment, inappropriate or offensive language. It can also detect adult, racy or gory images. You can use pre-configured templates to identify sensitive information types or create a custom policy that can detect references to confidential internal projects.
Once a message is detected, communication compliance triggers an alert for investigation and remediation.
Data Loss Prevention
While communication compliance can monitor messages for inappropriate or sensitive information, data loss prevention policies can prevent them from being sent. Data-loss Prevention policies allow you to block, or impose conditions on the sharing of sensitive information.
With DLP, you can specify types of content that cannot leave your organisation. Sensitive info types include credit card information, tax file numbers, drivers license information and more. Microsoft 365 scans the content of your email, attachments and shared files and can either notify you or prevent it from being sent.
Office 365 message encryption
You can encrypt email and attachments to ensure that only the intended recipients can view their contents. You can also prevent recipients from forwarding, saving, copying or printing your email and attachments. Encryption can be applied by default to all messages, enabled manually by users, or automatically based on the type of information you’re sharing.
Sensitivity labels
Your files can be labelled according to their sensitivity level, and policies can be applied relating to these levels. By appropriately labelling files and emails, you can ensure that your most sensitive information is only accessible by trusted recipients no matter where it ends up.
You don’t have to rely on a user labelling content based on an arbitrary choice. Automated file labelling scans the content of your file and applies a sensitivity label based on its content.
Use built-in external sharing alerts
Configure built-in alerts for external sharing. Alerts in Microsoft 365 can notify you each time a user shares information externally, or when an unusual volume of external sharing occurs.
Microsoft Cloud App Security
Cloud App Security can detect suspicious activities across Microsoft 365 and third-party cloud apps. For example, it can let you know if someone performs a mass delete or download of your information from SharePoint, OneDrive, Dropbox Business, Google Drive or Box.
Cloud App Security also provides detailed reports and insights into how your information is shared externally.
Share files via cloud storage
A better way to share data is via cloud storage rather than email attachments. Using cloud storage, you can create links to files, set access control and timed expiry – as well as revoke access. You can also view audit logs of file access to understand who is viewing your information. Sending files as attachments is a less secure way of sharing data – if you have to use it, you should ensure your encrypting messages with file attachments or using sensitive labels to protect them.
Need help protecting your sensitive data?
Naturally, there is significant consideration and configuration to apply these settings and privacy controls for your organisation. At GCITS, we have experience in cloud environments with complex security requirements. We have developed a typical security profile based on the Australian businesses that we most often service.
We can deploy these security solutions with minimal disruption. Your team can work with unimpeded access to clients, suppliers and teammates knowing that automated safety nets are in place.
What is Microsoft 365 Business Premium?
Microsoft 365, Office 365On April 21, 2020, Microsoft rebranded it’s small and medium business Office 365 products to Microsoft 365. This resulted in a name change for the popular Microsoft 365 Business product as well, which is now called Microsoft 365 Business Premium.
We’ve been advocates of Microsoft 365 Business Premium for a while now. We believe it’s the best value Microsoft 365 product around for businesses with under 300 users.
Want to know how to protect your data in Microsoft 365 Business Premium? Download our free guide to learn what features to switch on.
So why do we think you should go with Microsoft 365 Business Premium over Basic or Standard?
For us, it comes down to the Microsoft 365 Business Premium’s advanced security and compliance features.
Security and Compliance features of Microsoft 365 Business Premium
Microsoft 365 Business Premium includes advanced security features that are not present in the lower tier plans. These include:
Malware and Phishing protection with Office 365 Advanced Threat Protection
Microsoft 365 Safe Links and Safe Attachment policies protect against known and zero-day malware. Anti-Phishing policies protect users against phishing attacks using mailbox intelligence and machine-learning enhanced sender reputation checks.
Enhanced security for identities with Conditional Access
Conditional Access policies help balance security and productivity by applying the right security measures at the right time. For instance, if Microsoft 365 detects a risky sign-in from an unexpected location or non-compliant device, it can prompt for multi-factor authentication or block access to the user.
Enforce encryption on devices using Microsoft Intune
We can use Microsoft Intune to protect data on devices in the event of loss or theft. Microsoft Intune can configure Windows BitLocker, Apple’s File Vault, and encryption settings on Android and iOS devices.
Classify and protect confidential information with Azure Information Protection
Azure information protection helps companies use sensitivity labels and policies to classify and protect data. Built-in labels include Personal, Public, General, Confidential and Highly Confidential.
Depending on what label is applied, a policy can be used to protect it. These policies can enforce encryption, apply watermarks, prevent it from leaving your organisation and more.
Control company data on PCs with Windows Information protection
Many people use the same computer for both work and personal tasks. Windows Information protection tags files as ‘Work’ if they are generated by, or saved from, a corporate app. Files tagged as ‘Work’ are subject to the controls defined in your Information Protection policies. These files can:
Control access to sensitive emails with Information Rights Management
Information Rights Management allows your team to apply restrictions like “Do Not Copy” for specific documents and emails. When a recipient receives the email or document, they’ll be unable to forward, save, print or copy it.
Prevent sharing of sensitive info with Data Loss Prevention
Data Loss Prevention policies monitor the types of data that are uploaded to and shared outside your company. This info could be tax file numbers, credit card information, drivers license details and many more. When sensitive information is detected, the Data Loss Prevention policy can encrypt the message, notify the sender, alert an admin or block the message from being sent or file uploaded.
Remotely wipe company data and enforce security on devices with Microsoft Intune
Microsoft Intune lets us enforce security requirements on the devices that access company data. These could include requiring a strong password and encryption on phones and only allowing access via company-approved apps. When employees leave the company, Microsoft 365 can remotely wipe company data from the device without affecting personal info.
Unlimited archive for email
Microsoft 365 Business Premium provides practically unlimited storage for your email. Alongside the standard 50GB mailbox, users can access an unlimited archive of their email in Outlook.
Want to enable advanced security in Microsoft 365 Business Premium?
While you get all the above features with Microsoft 365 Business Premium, you still need to configure them to suit your business and requirements. You can outsource the security of your cloud environment to GCITS. Get in touch for an expert assessment, and we can ensure the ongoing state management of these essential security policies.
What’s causing Australia’s Data Breaches?
Malware and Security Threats, NewsAustralia’s reported data breaches increased by 19% in the last quarter of 2019. In this short post, we break down what caused them and how you can protect your business.
Australian organisations are now subject to Notifiable Data Breach laws. These laws attempt to drive better security standards for protecting personal information, and they require organisations to disclose breaches to the Office of Australian Information Commissioner (OAIC).
Companies who fail to disclose may be subject to hefty fines which also extend personally to company directors.
Want to protect sensitive information in Microsoft 365? Download our free Microsoft 365 Data Protection guide.
How were Australian companies breached?
The OAIC releases a quarterly report on reported data breaches. The latest contains records up to December 2019 with a total of 537 reported breaches which break down into the following categories:
To adequately protect your business against data breaches, you need to implement a system that addresses all three categories.
Protecting your organisation against malicious or criminal attacks
Let’s look at the methods hackers used to breach Australian businesses.
Of the ‘Malicious or criminal attack’ category, 74% of breaches involved compromised credentials. These are known as identity attacks because they use a compromised identity to gain unauthorised access. According to Microsoft, by implementing Multi-Factor Authentication across all users, an organisation can defend itself against 99.9% of identity-based attacks.
Ransomware and Malware made up another 16% of ‘Malicious or criminal attack’ breaches. These can be prevented by implementing a capable desktop and email threat protection engine such as:
Protecting your organisation against human error related breaches
Of the ‘Human Error’ category, 42% of breaches occurred using email. An example of this might be sending sensitive data to the wrong recipient. Companies can prevent this kind of breach by implementing a system which scans outbound email.
If the system determines that the email contains sensitive information, it can immediately block the mail delivery or alert a team member.
Protecting your organisation against System Fault breaches
Protecting your organization against system fault breaches relies on a combination of luck and due diligence. According to the OAIC, these types of breaches involve ‘disclosure of personal information on a website due to a bug in the web code, or a machine fault that results in a document containing personal information being sent to the wrong person.’
To defend against system faults, we recommend storing your sensitive data with reputable vendors only and choosing an IT partner who will regularly monitor and maintain your systems.
How can we help secure your environment against data breaches?
We use a combination of Microsoft 365 Business Premium and Microsoft Cloud App Security to implement enhanced cybersecurity for small businesses.
It’s not enough to simply buy the Microsoft licenses and apply them to your users.
To be effective in the modern threat landscape, these systems must be configured and monitored with policies applied and adhered to.
Want to learn more about protecting your data against breaches in Microsoft 365? Download our free guide on which features you should configure, or get in touch today.
Should I use Dropbox Business or SharePoint and OneDrive?
Office 365Now more than ever, being able to work remotely is of critical importance. Ensuring that employees have the right tools to work from home or in isolation, is a real concern for business owners.
Why do we recommend Dropbox Business instead of OneDrive and SharePoint?
This is a question we’re asked occasionally and it’s something we’ve given a lot of consideration. Why do we deploy Dropbox Business for our customers? We’re a Microsoft Gold Partner, it’d make sense for us to go with OneDrive and SharePoint, right?
Ultimately it comes down to reliability and user experience. We can still roll out and secure Dropbox Business using Microsoft identities and security tools while providing a simple, reliable experience to our customers.
Here’s an overview of why we deploy Dropbox Business over OneDrive & SharePoint:
Download the full article here
Reliability
Generally speaking, the Dropbox client just works.
This is extremely important to us. A Dropbox keynote speaker once commented: “Dropbox doesn’t just keep files in sync, it keeps teams in sync.” It’s marketing talk, but it makes sense.
When the tool that keeps your team in sync doesn’t work reliably, not only can you lose trust in it, but you can lose trust in your team. You’ll never know if the reason the files aren’t there is because the syncing isn’t working, or because your team members haven’t done their job. And when it does come back online, are all the changes and files there? Are there conflicts? How will we know without checking each affected device and team member? It may seem trivial, but in our experience, the emotional impact of an unreliable sync client is a very real thing.
Ease of Use
Dropbox eases the digital transformation curve for users who are familiar with working via Windows Explorer or Mac Finder. Users can take advantage of the improved mobility, security and external collaboration features at their own pace.
The New Dropbox Desktop App is good
The new Dropbox Desktop App actually works quite well. It has a familiar file explorer/finder layout with additional enhancements that make it easier for employees to collaborate and comment on files and turn folders into productive workspaces called Dropbox Spaces.
Single Sign-on is simple to use
Single Sign-on allows users to use their Office 365 account to log into multiple services. If a user is signed into their computer with Office 365, they can sign into the Dropbox App or website without needing to re-enter their credentials. Granted, this is also the case for OneDrive and SharePoint, but we are often asked about how seamless Dropbox’s integration is.
Simple sharing
Dropbox has an easy sharing interface, in the browser, on the desktop and using mobile apps.
Office 365 and GSuite support
Dropbox supports both Microsoft’s Office Online and Google GSuite web apps to allow for the creation and editing of documents from anywhere. Users who work on files via the browser in Office 365 or GSuite will see little difference when switching to Dropbox Business.
Microsoft Cloud App Security
Microsoft Cloud App Security provides an additional level of alerting and data protection policy over Dropbox Business. This is especially handy for detecting malicious insider activity such as mass deletes and downloads. Using Cloud App Security we can guard against scenarios where employees accidentally or intentionally delete or download company data.
Built-in security policies
The built-in security policies are also quite good for Dropbox Business. Unlike the basic Office 365 plans, Dropbox actually notifies you if someone accesses your account from a new browser, or connects a new device to your account.
It’s also very simple to lock down sharing as required for certain files and folders. It’s easy to ensure that certain files and folders cannot be shared outside the company, or shared with anyone at all.
Want more information? For a comprehensive White Paper on why we choose Dropbox Business, fill out the form below.
GCITS are the first Dropbox Elite Partners in Australia and New Zealand
NewsWe’ve been providing Dropbox Business as a core part of our Managed Services for a few years now, and have received great feedback from customers for its simplicity and reliability.
Our customers get a seamless solution with Dropbox Business and Microsoft 365, with single sign on through Azure Active Directory, advanced protection via Microsoft Cloud App Security and an excellent integration with Office Online.
We’re thrilled to announce that we have completed the customer satisfaction and training requirements to become the first Dropbox Business Elite Partner in Australia and New Zealand. And we’re pretty happy with the smash cake too.
A new SharePoint-powered files experience is coming to Microsoft Teams
Microsoft 365, Microsoft Teams, Office 365, SharePointThis update will bring extra document management capabilities from SharePoint into Microsoft Teams.
The current Microsoft Teams files experience
The document storage and collaboration functionality in Microsoft Teams is built on SharePoint. Every Microsoft Team is also an Office 365 Group, and each team has a group-connected SharePoint site which stores all the files shared amongst the team.
You can already reach this site from the files tab of your Microsoft Teams channels, however the experience within Teams is a bit limited.
An updated Document Library experience in Microsoft Teams
This update brings the full functionality of a SharePoint Document Library into Microsoft Teams. With the ability to add and manage custom columns, sort and filter files with custom views, trigger workflows and much more.
Sync files from Microsoft Teams with your PC or Mac
This is the standout feature in this update. The ability to sync files with a PC or Mac will be available from within Microsoft teams. At Ignite this year, Microsoft demonstrated the new interface during the Content Collaboration in the Modern Workplace – BRK2451 session.
This screen capture demonstrates custom columns, views and formatting, as well as the new sync button within Microsoft Teams.
The roadmap update for this feature listed a general availability date of Q3 of calendar year 2018, so it should be rolling out any minute now.
For more info on this feature, see the Content Collaboration in the Modern Workplace session from Microsoft Ignite.
Office 365 ATP can now be integrated into your SIEM
Exchange, Malware and Security Threats, Microsoft 365, Office 365Office 365 Advanced Threat protection and Office 365 threat intelligence logs can now be integrated into your SIEM solution.
Threats discovered by these services can be made available on the audit.general workload of the Office 365 Management APIs.
What are the Office 365 Management APIs?
The Office 365 Management APIs are essentially the API version of the Office 365 Unified Audit Log
To get your Office 365 ATP info into your SIEM, you’ll need to have the Unified Audit Log enabled for your tenant. Unfortunately, it’s not enabled by default.
How to enable the Office 365 Unified Audit Log
The Office 365 Unified Audit Log is an important and useful tool which can help you secure your Microsoft Cloud environment. If you’re a Microsoft Partner, we have a longer article on enabling this for your customers’ tenants here, but to enable it for a single tenant, you have two options.
Enable the Office 365 Unified Audit Log via the Security and Compliance Center
Enable the Office 365 Unified Audit Log via Powershell
Connect your SIEM to the Office 365 Management APIs
Once the audit log is enabled, threats discovered by Office 365 ATP and Threat Intelligence will be available on the audit.general endpoint of the Office 365 Management API. For more information on setting this up, see the official Microsoft documentation here.
Open a shared calendar in Outlook for iOS
Office 365, Office 365 Roadmap Updates, OutlookYou’ve been able to open shared calendars in Outlook for iOS and Outlook for Android for a little while now, however this update makes it a lot easier.
How did Shared Calendars on Outlook for Mobile previously work?
With this update to Outlook for iOS, you can now open calendars that are already shared with you.
How to open a shared calendar in Outlook for iOS
Can you open Shared Calendars on Outlook for Android too?
Yep, this feature is also available for Outlook for Android.
Org-Wide teams in Microsoft Teams
Microsoft 365, Microsoft Teams, Office 365, Office 365 Roadmap UpdatesOrg-Wide Teams in Microsoft Teams let you create a single Microsoft Team that includes all internal users in your organisation. However, Microsoft recommends that you make some changes to the team’s settings to cut down on excess noise and notifications.
What is an Org-Wide Microsoft Team?
An Org-Wide team in Microsoft Teams is just a team that includes everybody in your organisation. Its member list will automatically update as users come and go, and while it currently supports up to 1000 users, there are plans to increase this limit.
How do you create an Org-Wide Microsoft Team?
Creating an org-wide team is quite simple, just choose the Org-Wide team option from the drop-down when creating a new team at https://teams.microsoft.com
What are some best practices for Org-Wide Microsoft Teams?
If you have a lot of users in your organisation, these types of teams could quickly become very noisy and distracting.
To reduce excess notifications and noise, Microsoft have some best practice recommendations.
Only let team owners post on the General channel
Disable @mentions for the whole team
You’ll probably want to disable @mentions for the whole team, since that can send a notification to up to a thousand people at once.
Automatically favorite important channels
Switch to the channels tab and tick Auto-favorite on the channels you would like to show up by default.
Also note that while the video above states that the feature is still in development, it has since been marked as launched.