Microsoft Teams: Saved messages

🚨 The Signal: Users can now save Teams messages for quick retrieval. This feature introduces a new method for users to retain and access information, potentially creating shadow IT risks for data retention and discovery policies.

The Impact

All users are affected, creating a moderate risk for information governance and eDiscovery compliance.

• End Users: Can save messages, potentially bypassing official retention policies.
• Security Team: Increased complexity for eDiscovery and data export requests.
• Compliance Team: New vector for unmanaged data storage, impacting data retention policies.
• Legal Team: Saved messages may complicate legal hold and discovery processes.

The Action

1. Review existing Microsoft Teams data retention policies in Microsoft Purview to ensure they cover saved messages.
2. Communicate to end-users the appropriate use of the 'Saved messages' feature in alignment with organisational data retention policies.
3. Update eDiscovery procedures to include 'Saved messages' as a potential data source.
4. Monitor Microsoft 365 Message Center for any future updates regarding governance controls for saved messages.

Domain: Teams · Impact: medium · Workload: Teams