When an employee leaves an organization there’s an entire process you need to prepare to ensure compliance with internal regulations. Proper offboarding in Microsoft Teams are critical for preventing any errors and security risks, even if your company and a former employee part ways amicably. It’s more than just deactivating their account.
In this blog post we will describe the offboarding process in Microsoft Teams and how to manage your former employee´s conversation history.
What’s offboarding and why does it matter
Offboarding is a formal separation process when an employee leaves a company. It covers transferring the employee’s job responsibilities, deactivating accounts and access rights, returning equipment, getting exit feedback, and other activities, depending on each company. Besides formal employees, you may also need to offboard external players such as contractors if they formed a part of your teams.
Often offboarding doesn’t go as easy as one would want. It is crucial at this point to consider your data retention and preservation plan to make sure your organization can smoothly transfer all the projects to another employee without losing any critical data.
Offboarding process in Microsoft Teams
There are a few important steps that you need to take when it comes to offboarding users from Microsoft Teams.
0. Before the offboarding
You may want to prepare for the offboarding process in advance by monitoring suspicious or risky user activity.
You may do so through Audit log in Security and Compliance center. For example, you can see if certain files were shared with external users.
It is also possible to create a policy that would monitor mass deletion of Teams sites. In the example below, an alert-based policy is set up to detect mass deletion of teams in a span of 30 minutes.
Additionally, from the Security & Compliance center you can set up alerts if a user specific number of files were downloaded by users. Here you may find the detailed instructions.
These steps will help you understand whether you need to take extra measures to protect your organizational data.
lf you wish not only to monitor but also prevent your users from sharing sensitive information via chat or channel, you may set up DLP (data loss prevention) policies in Microsoft Teams.
Learn more about Microsoft Teams security best practices.
1. Prevent your former employee from accessing the resource
The very first step you need to take when an employee leaves the organization is to revoke their license and disable their account.
In the Microsoft 365 admin center you may choose to delete the user, or block sign-in.
Afterwards, the user won’t be able to access any of the Microsoft 365 services.
Deleting a user is a bit extreme measures and many organizations usually refrain from it to still be able to access former employees’ OneDrive and Outlook mailbox for further use and analysis in case of litigation.
2. Protect the content
You may want to make sure that all the information shared by the former employee in private chats and channels stays intact. You might need it for legal reasons and for smoother transfer of knowledge and responsibilities to a new hire.
At the same time, people tend to delete their conversations before leaving an organization, creating quite a headache for the IT department.
However, there’s a way to preserve this data even if users delete their conversations. To better understand this process let’s first figure out where all the information shared in Teams is stored.
Private chats
All the messages shared in private chats, as well as call detail records, are automatically stored in a hidden folder in the inbox of each user involved in the conversation. Attachments are shared in OneDrive of the sender. The same goes for chat and files shared during meetings.
Even if a user deleted messages from a chat, they would still be stored in OneDrive trash folder. However, once it’s emptied the information will be almost impossible to recover.
You can archive your former employee’s OneDrive and inbox to be able to process all their shared files and conversations.
Channel conversations
All the conversations shared in Teams channels are stored in the team inbox which can also be archived. All the attachments to channel posts are shared in SharePoint drive created for this team.
Here you can learn more about where your data is stored in Teams.
To make sure all the messages and files shared by a user are backed up, you can enable data retention measures. If a chat message retention policy is applied, a copy of a deleted message will still be saved and can be found in Teams search or eDiscovery.
This way, you can make sure Teams admins can access a former employee’s chat and channel messages.
You can also set up archiving and deletion policy that automatically moves items to a user’s archive mailbox and then deletes them after a certain period. This will ensure key information stays protected even if a user deletes files and conversations.
You may also consider using third-party backup tools for additional protection of your organizational data.
3. Ensure compliance with governance policies
Your former employee might be an owner of various teams in Microsoft Teams. If left without an owner, teams become orphaned, which complicates team collaboration.
If an active team has no owner, team members can’t add new users, create channels, and configure apps, therefore impeding the collaboration process.
Here are a few steps you can take to prevent this from happening:
1.Find out in what teams the former employee was an owner
You can find this information in the Microsoft 365 admin center. You will only see groups and team the user was member of. Then, you will need to manually review each of those teams.
You may also use some PowerShell scripting to extract orphan teams, or even use a dedicated third-party reporting solution.
2. See if there’s another owner
If the user wasn’t a single owner, you have nothing to worry about. In fact, the best practice is to have at least two active owners per team. This way, you will make sure that even if an employee leaves the organization there will not be any concerns over orphan teams.
3. Assign a new owner
If there’s no other owner, or just one owner left, assign new ones.
4. Remove the former user from the team (optional)
You may want to remove your former employee from the team entirely. However, this is an optional measure since after license revoking, they won’t be able to access Teams.
These steps cover all the key offboarding Microsoft Teams measures. Learn more about Microsoft Teams governance best practices.