{"id":12724,"date":"2023-12-07T13:06:58","date_gmt":"2023-12-07T21:06:58","guid":{"rendered":"https:\/\/www.microsoft.com\/insidetrack\/blog\/?p=12724"},"modified":"2024-05-23T13:41:19","modified_gmt":"2024-05-23T20:41:19","slug":"empowering-employees-after-the-call-enabling-and-securing-microsoft-teams-meeting-data-retention-at-microsoft","status":"publish","type":"post","link":"https:\/\/www.microsoft.com\/insidetrack\/blog\/empowering-employees-after-the-call-enabling-and-securing-microsoft-teams-meeting-data-retention-at-microsoft\/","title":{"rendered":"Empowering employees after the call: Enabling and securing Microsoft Teams meeting data retention at Microsoft"},"content":{"rendered":"
<\/p>\n
Read our step-by-step guide on deploying Copilot for Microsoft 365 at your company. It\u2019s based on our experience deploying it here at Microsoft:<\/p>\n
Microsoft Teams meetings help our globally distributed and digitally connected employees create meaningful hybrid work experiences. When those meetings are recorded and transcribed or their data becomes available to AI-powered digital assistants, their impact increases.<\/p>\n
Although these features have proven to be incredibly useful to our employees and our wider organization, there are also concerns about how retaining Microsoft Teams meeting data might affect our security posture, records retention policy, and privacy. Just like any other company, we at Microsoft have to balance these varying aspects.<\/p>\n
At Microsoft Digital (MSD), the Microsoft IT organization, we\u2019re leading cross-disciplinary conversations to ensure we get it right.<\/p>\n
[<\/em>Learn how Microsoft creates self-service sensitivity labels in Microsoft 365.<\/em><\/a> Discover getting the most out of generative AI at Microsoft with good governance.<\/em><\/a>]<\/em><\/p>\n Our Microsoft Teams meeting data comes in the form of three main artifacts: recordings, transcriptions, and data that AI-powered Microsoft 365 Copilot and recap services can use to increase our general business intelligence.<\/p>\n We find meeting recordings and transcripts are helpful for many reasons, including helping us overcome accessibility issues related to fast-paced, real-time meetings or language differences\u2014this is a powerful way to level the playing field for our employees. Our ability to share recordings and transcripts also supports greater knowledge transfer and asynchronous work, which is especially helpful for teams that operate across time zones.<\/p>\n We tend to think of the recordings we make during meetings as an individual\u2019s data, but they actually represent the company\u2019s data. We want to empower individuals, but we have to remember that retention and volume impacts of these artifacts on the company can be substantial.<\/p>\n \u2014Rachael Heade, director of records compliance, Microsoft Corporate, External, and Legal Affairs<\/p>\n<\/blockquote>\n Microsoft Teams Premium<\/a> enables AI-generated notes, task lists, personalized timeline markers for video recaps, and auto-generated chapters for recordings. Within a meeting, the Microsoft 365 Copilot<\/a> sidebar experience helps our late-joining employees catch up on what they’ve missed, provides intelligent prompts to review unresolved questions, summarizes key themes, and creates notes or action items.<\/p>\n The helpfulness of these tools is clear, but data-retention obligations introduce challenges that organizations like ours need to consider. First, producing and retaining this kind of data can be complex if it isn’t properly governed. Second, data-rich artifacts like video recordings occupy a lot of space, eating up cloud storage budgets.<\/p>\n “We tend to think of the recordings we make during meetings as an individual\u2019s data, but they actually represent the company\u2019s data,” says Rachael Heade, director of records compliance for Microsoft Corporate, External, and Legal Affairs (CELA). “We want to empower individuals, but we have to remember that retention and volume impacts of these artifacts on the company can be substantial.”<\/p>\n In light of these potential impacts, some organizations simply opt out of enabling Microsoft Teams meeting recordings.<\/p>\n Our teams in MSD, our IT group, and CELA, our legal division, are working to balance the benefits of Microsoft Teams meeting data retention with our compliance obligations to provide empowering experiences for our employees while keeping the company safe.<\/p>\n “Organizations are always concerned about centralized control over the retention and deletion of data artifacts,” Heade says. “You have excited employees who want to use this technology, so how do you set them up so they can use it confidently?”<\/p>\n As an organization, this is about thinking through your tenant position and getting it to a reasonable state.<\/p>\n \u2014David Johnson, tenant and compliance architect, MSD<\/p>\n<\/blockquote>\n Like many policy conversations, getting this right starts with our governance team in MSD and our internal partners asking the employees from across the company who look after data governance the right questions:<\/p>\n These questions help us think about the proper guardrails. Our IT perspective is only one part of the puzzle, so we’re actively consulting with CELA, corporate security, privacy, the Microsoft Teams product group, the company’s data custodians, and our business customers throughout this process.<\/p>\n “As an organization, this is about thinking through your tenant position and getting it to a reasonable state,” says David Johnson, tenant and compliance architect with MSD.<\/p>\n Our conversations have brought up distinctions that any organization should consider as they build policy around Microsoft Teams meeting retention:<\/p>\n Our policies around Microsoft Teams meeting data retention continue to evolve, but we’ve already implemented some highly effective practices, policies, and controls. Every organization’s situation is unique, so it’s important that you speak to your legal professionals to craft your own policies. But our work should give you an idea of what’s possible through out-of-the-box features within Microsoft Teams.<\/p>\n The bottom line is that we rely on our employees to be good stewards of the company. But because we’ve got a good governance model in place for Teams and good overall hygiene for our tenant, we’re well set up to deal with the evolution of the product and make these decisions.<\/p>\n \u2014David Johnson, tenant and compliance architect, MSD<\/p>\n<\/blockquote>\n The policies we’ve put in place represent a mix of technical defaults, meeting options, and empowering employees to make informed decisions about usefulness and privacy. They also build on the foundations of our work with sensitivity labeling<\/a>, which is helping secure data across our tenant.<\/p>\n These policies reflect three core tenets we use to inform our governance efforts: empower, trust, and verify.<\/p>\n “The bottom line is that we rely on our employees to be good stewards of the company,” Johnson says. “But because we’ve got a good governance model in place for Teams and good overall hygiene for our tenant, we’re well set up to deal with the evolution of the product and make these decisions.”<\/p>\n We can’t recommend that any organization follow our blueprint entirely, but asking some of the same questions as we have can help build a foundation. To start, read our blog post on how we create self-service sensitivity labels in Microsoft 365<\/a> and explore this Microsoft Learn guide on meeting retention policies in Microsoft Teams.<\/a><\/p>\n With a firm grasp of the technology and close collaboration with the right stakeholders, you can guide your own policy decisions and unlock the right set of features for your team.<\/p>\nPolicy considerations of Microsoft Teams meeting data retention<\/h2>\n
Asking the right questions to assemble the proper guardrails<\/h2>\n
\n
\n
From sharing perspectives to crafting policy<\/h2>\n
\n
\nHere are some tips for approaching meeting data retention at your company:<\/p>\n\n
\nSee how Microsoft Teams Premium can help you manage your data retention.<\/a><\/p>\n<\/p>\n
\n