Microsoft 365 security A user guide: How to choose between public vs. private Microsoft Teams April 28, 2021 By: Mario Znika Last updated: May 19, 2023 5 min read Discover the three types of Teams' privacy settings, the differences between them, and what happens when you create each of them. Table of contents Microsoft Teams privacy settingsPublic Microsoft TeamsPrivate Microsoft TeamsOrg-wide Microsoft TeamsChange Microsoft Teams privacy settingsSecurity of the underlying SharePoint siteWhich privacy setting to choose When you are creating a Microsoft Teams team, one of the questions you first ask yourself is – “Which privacy should I choose?” That is one of the most important decisions you need to make, so you should understand the differences between privacy settings to make a better and informed decision. In this blog post, I will explain: Three types of Teams privacy settings Which privacy is better for which use cases How to change the privacy of Microsoft Teams Microsoft Teams privacy settings When you are creating a team, you can choose one of the three types of privacy settings as shown in the image below: Private – people need permission to join (only team owners can add members) Public – anyone in the organization can join Org-wide – everyone in the organization will be automatically added (available for global admins only) Public Microsoft Teams Everyone in the organization can see the public teams and join without approval from the team owner. When a user joins the public team, he will have access to all parts of the team – conversations, public channels, folders and files, planner, SharePoint site. So, if everything is accessible by everyone, when should you consider creating a public team? When there won’t be sensitive data that could cause a data breach (personal information about employees or clients, finance data, etc.) For educational purposes and sharing knowledge When there is a common interest in a specific topic The most significant advantage of public Teams is collaboration, but you need to be careful as everyone can see everything inside public Teams. Also, in large organizations, it can lead to chaos and decrease productivity if a lot of people join a public team. Private Microsoft Teams Private Teams are permission-based, which means that users can join only after the team owner lets them in. Users cannot see private Teams when they navigate to the “Join or create a team “inside Microsoft Teams. There are a few possible ways how users can join a private team: Team owners can add them as members Members of a private team can invite other users to join. This will send a request to the team owner, and he needs to approve the request After users join a private team, they have access to everything inside that team, and they can start chatting and sharing files with other team members. As private teams can be accessed only by members and owners, they are more secure and the risk of a data breach is lower. In my opinion, most of the teams will be private, especially in large organizations, but let’s see some concrete use cases when using private teams: When there will be sensitive data not allowed to be seen by everyone For working on a project with specific people, both from the organization and outside the organization For different departments across the organization Org-wide Microsoft Teams Org-wide Teams are a particular type of public teams where all users from the organization are added automatically as members, and global admins and Team service administrators are added as owners. However, there are some limitations of Org-wide teams: Only global admins can create an org-wide team Only five org-wide teams can be created within a tenant Org-wide teams are available only for organizations with less than 10000 users (Microsoft is looking to increase this limit in the future) At the time of writing, Teams for Education doesn’t support Org-wide teams Org-wide channels can be used for company communications, but Microsoft provides some recommendations: Allow only team owners to post messages Turn off @team and @[team name] mentions Automatically show important channels Set up channel moderation Change Microsoft Teams privacy settings If you realize you have chosen the wrong privacy settings, you can very quickly change it from private to public or from public to private. Of course, global admins also have an org-wide option. To change the privacy setting of a team, follow these steps: In Microsoft Teams, click on the three dots on the right side of the team’s name and choose edit Change privacy and click on the Done button. That’s it! Security of the underlying SharePoint site Every team has a SharePoint site behind the scenes where all the content is stored. The main difference between permissions on a private and public Teams’ site is the “Everyone except external users “domain group. Public Teams have this group in the site members group, and private Teams don’t have it. Team owners and members can access all teams’ services (Teams, Planner, Calendar, SharePoint site). Still, there are some situations when you would need to share just the content of a SharePoint site to specific people without giving them access to Teams conversations and other services. If you would like to share a site, you need to navigate to Settings -> Site Permissions -> Invite People and click on the Share site only option. Which privacy setting to choose We have seen three types of Teams’ privacy settings, the differences between them, and what happens when you create each of them, so you should be ready to choose your team’s privacy. Most importantly, if there will be sensitive data, you need to go with a private team. If there won’t be sensitive data, private teams are also the preferred option in most situations, but it depends on your use case and organization size. If you choose a public team, you should be careful with the team’s data as everyone can access the data. If you’d like to manage your teams from a central place – check out Syskit Point, an Office 365 governance tool. Discover, secure, and control M365 Manage your company’s Microsoft 365 ecosystem with Syskit Point, a scalable platform that will help you govern and secure your environment while giving you deep visibility into your entire inventory. Try for free Related Posts Microsoft 365 security Retrieve associated SharePoint site URL for Microsoft Teams Find out how to retrieve the associated SharePoint Site URL for Microsoft Teams… November 23, 2018 3 min read Microsoft 365 security Microsoft Teams security hacks Discover security features that you can use to protect your corporate and sensi… June 24, 2020 7 min read Microsoft 365 security [Whitepaper] Introduction to SharePoint permissions management If you’re a SharePoint admin, consultant, or just new to SharePoint manag… January 20, 2017 2 min read