Avanan provides a full suite of security solutions for customers that use Microsoft Teams. Microsoft Teams offers different collaboration tools that allow employees and outsiders to collaborate online. Avanan adds layers of security, privacy, and compliance not offered by Microsoft.
This solution is currently in Public Preview, as the Microsoft API in use is not generally available yet. When Microsoft would be released, there may be changes to the capabilities. The Avanan pricing model would be changed accordingly.
Avanan Cloud Security for Teams
Microsoft Teams is part of Office 365, a service that offers employees and external collaborators to chat and share files (as well as online meetings). Microsoft Teams provides some security solutions, but still does not provide other necessary security solutions. Avanan adds a layer of security that provides the following security features for Teams:
- DLP scan of posted text messages and files
- Malware scan of files
Scans are performed on the following communication scenarios:
- file that was shared on a chat or on a team
- message that was sent on a chat or a team
- Monitor Teams files by scanning for Malicious files and Data Leakage (DLP).
- Generate events on Teams malicious content.
There are 2 default Security Policies for Teams:
- Teams DLP: scans posted text messages for potentially leaked information, such as Credit Card and SSN.
- Teams Threat Protection: scans files loaded to Teams for malicious content.
The policies include an option to skip generating events on internal communication.
- Alert owner: sends an email to the owner of an affected file or message.
- Teams Admin access is required to complete the onboarding process.
- Required License: Licensed users of Office 365 E5/A5, Microsoft 365 E5/A5, Microsoft 365 Information Protection and Governance, and Office 365 Advanced Compliance can benefit from Communication DLP for Teams.
- Navigate to SaaS Apps and click Start on the Teams app.
- The Avanan platform then redirects the user to the Microsoft Online authorization page.
- Login using the company’s Microsoft Online admin account, and approve access for Avanan.
It is possible to customize the tombstone messages, for both messages and files.
To configure the service:
- Go to Configuration > SaaS Apps, select Microsoft Teams, and click Configure.
New Policy Creation
- Navigate to Policy page.
- Add new policy by clicking on the + button near Teams.
- On “Choose Security” combo-box select DLP or Malware.
- On “Mode” combo-box select protection mode (Detect and Protect or Monitor).
- Based on the policy type:
- Select the requested DLP rules.
- Choose if you want to activate the scans on internal files (not shared with external users).
- Select the tools you want to activate in the scan.
Stop Teams protection
- Go to SaaS Apps and click Stop on the Teams app.
Forensics and Analytics
Teams detections are recorded as events for forensic and auditing purposes. The events types depend on the policy type that created the event. For DLP the events include what type of sensitive information was potentially leaked (PII, HIPAA, etc.).
Avanan Teams dashboard presents statistics on the different aspects of the service protection, including the number of scanned messages and files.