Guideline: Microsoft Teams

---

This guideline defines acceptable standards of behavior for any Coast Mountain Users of MS Teams.  

---

---

Coast Mountain College (CMTN) provides MS Teams as a communication platform to support effective communication and collaboration for College staff, students, Board of Governors members, contractors, and volunteers.   

---

---

Teams: A collection of people, content, and tools surrounding different projects and outcomes within an organization. Teams can be created to be private to only invited users. Teams can also be created to be public and open so that anyone within the organization can join (up to 10,000 members). A team is designed to bring together a group of people who work closely to get things done. Teams can be dynamic for project-based work (for example, launching a product, creating a digital war room), as well as ongoing, to reflect the internal structure of your organization (for example, departments and office locations).   Conversations, files and notes across team channels are only visible to members of the team.  

---

Channels: Dedicated sections within a team to keep conversations organized by specific topics, projects, disciplines - whatever works for your team! Files that you share in a channel (on the Files tab) are stored in SharePoint.  Channels are places where conversations happen, and channels can be open to all team members or, if you need a more select audience, they can be private. Standard channels are for conversations that everyone in a team can participate in and private channels limit communication to a subset of people in a team.  

---

SPAM: Irrelevant or unsolicited messages, typically to a large number of users, for the purposes of advertising, phishing, spreading malware, etc.

---

---

This Guideline applies to all Coast Mountain Microsoft Teams Users (MS Teams) –  including staff, student, Board of Governors members, contractors, volunteers, and any other person who uses MS Teams functionality provided Coast Mountain College. 

---

---

All Users of MS Teams must adhere to this document and all related IT and security policies and procedures.  

---

---

All Users of Microsoft Teams must observe and be aware of the following:

• Teams created for CMTN purposes should be deleted by the owner when the related project or program has been completed.  

• Each Team will designate two site owners.  

• Inactive Teams will be automatically deleted after 6 months of inactivity and be completely unrecoverable from the recycle bin after another 30 days following their deletion. At that time, all data contained within the Team will be lost and cannot be recovered. 

• Any documents shared via MS Teams that need to be kept after the project has ended must be saved or archived in accordance with the College’s data retention policies and practices. 

• All Teams created by staff should use a name that clearly identifies the use or purpose of the Team and must not include any inappropriate, offensive words, or abbreviations.

• MS Teams sites are provided for use in relation to CMTN activity to support discussions, projects, collaboration and communication.  

• MS Teams sites can be provided to allow collaboration between members selected from across the organization and members from external organizations.  

• Extra care must be taken when creating Teams for use with external organizations to ensure the correct people are sent an invitation with a security code to join any private team. If a site is created that is open for anyone to join, the group must be marked as Public.  

• MS Teams is an Office 365 cloud service and therefore information contained within sites is stored in Microsoft Data Centers.  

• Interaction is encouraged. Chat-based collaboration is a useful tool when there is regular interaction and works best when there are multiple voices represented within the dialogue.  

---

When using Microsoft Teams all Users must:  

• Be transparent – use your own name within your Office 365 profile. It is important that members are clear about who they are interacting with.  

• Be safe – MS Teams is designed to support secure networks, but do not over disclose personal information and always protect yourself against identity theft.  

• You Must be aware – That the Team owner is responsible for managing the members of that Team and Safeguarding all the data you share. This includes ensuring that any team members from external organizations are aware of and adhere to this acceptable use policy.  

• Only post to appropriate members – by default, all MS Teams channels and discussions are visible to all members of the MS Team site. Private messaging is available to send direct messages to selected members.  

• Be professional – be polite, treat team members with respect, and don’t make derogatory remarks or hijack other member’s posts to discuss an unrelated topic. It is important that this is maintained throughout and even in instances when opinions differ. Be clear and avoid using ambiguous language which may be open to misinterpretation. Always remember that information in Teams may be disclosed, under FOIPPA, IT System Reviews, or disciplinary procedures.  

• Keep it relevant – make sure you clearly understand the purpose of your MS Teams site. Stay on topic and avoid sharing irrelevant content as this may frustrate other members. Never post spam.  

• Safe Guard all Data -MS Teams provides a convenient file storage location for files posted within conversations and channels. This provides a time limited repository and should not be used as a substitute for more permanent storage solutions such as OneDrive; staff personal Drives or departmental file storage. Data should be assumed to be irretrievable after an MS Team site is closed.  

• Be aware – when Sharing images and videos – you should ensure that the sharing of images and videos does not breach image rights and copyrights. Seek permission from anyone included in personal photographs prior to sharing them. Be Alert when sharing information – An individual or student's Personal and Personal Sensitive information must not be requested or shared on any CMTN sites. Where there is a need to share confidential organizational information within a Team, this should be labelled as ‘Confidential’; appropriate permissions should have been sought from the data owner prior to sharing; the purpose of sharing the data should be transparent to the group; and there should be a clear time frame set to ensure that this data is removed as soon as it is no longer needed.  

• Do Not Share – information intended for your private teams with others. Assume that information shared within your private Team is for use by the Team members only and should not be shared outside without appropriate permissions.  

• If sharing information or files be aware of the data’s security classification and if all participants are entitled to view the shared data. 

• Ensure Meeting confidentiality - When using MS Teams, especially when using the video and voice functions ensure that you use discretion to ensure that the conversations are private.

• Use appropriate posts – CMTN reserves the right to remove inappropriate MS Teams sites or posts. This may include posts that damage the reputation of individuals or the organization, defamatory comments that may cause distress, or that contain obscene content or breach civil or criminal law. If you post inappropriately and later remove the post this may still be accessed by CMTN and used within disciplinary procedures as necessary. Typically, a MS Teams site will have two nominated site owners who will monitor use and ensure inappropriate posts are removed. However, such posts may still lead to disciplinary action.  

• Be extra careful with your own devices – MS Teams is designed for ease of access from most types of devices. Users should never access their CMTN MS Teams account from an unknown/insecure device such a public-access PC or tablet. If a User chooses to access Teams from their own personal device, then they bear the responsibility to keep this access secure. Users must:  

  • Ensure you DO NOT leave yourself logged into Teams when other people may have access to the device.  

  • Minimize the number of people with access to your device.

  • Ensure your device has reasonable security measures in place, such as a strong password/unlock code, automatic locking after a period of inactivity, plus an up-to-date operating system and anti-virus protection.

---

Online Safety Practices Users Must Follow: 

• Remember many of the same safety rules in email also apply to communications in MS Teams. 

• Use your judgement, and be wary of contacts and meeting requests from outside of your organization. Strangers can be well meaning. And some can secretly mean harm. 

• When you get new chat-based message from an external person that you haven't accepted any chat or interaction with before, you'll be presented with an option to accept or block the communication request. 

• If you don’t recognize the sender, you can check the profile card. When in doubt, don't interact with unknown and unverified users. 

• If you receive a link or file from an unknown person, don't click on it. Similar to email, use your best judgment for yours and other users' safety. 

• If selecting a link lands you on a safe links page, where you're blocked from navigation, don't try to circumvent that page. The same goes for selecting any attachment that may end in a red, blocking attachments safe page. You can Report messages in Teams and admins can Report the problem to Microsoft. Users should remember to alert whomever directed them to the suspicious link, so that they don't continue to send the problem link of attachment. Many reasons exist to land on a blocking page, so do not attempt to go around the blocking page. 

• Similar to email phishing attacks, always scan your links for iffy spelling, added digits, or strange characters. 

---

For more information on Microsoft Teams, including additional resources, please see the following article: Microsoft Teams: Features and Resources