When you are creating a Microsoft Teams team, one of the questions you first ask yourself is – “Which privacy should I choose?” It’s the public vs private teams in Microsoft dilemma, and it is one of the most important decisions you need to make, so you should understand the differences between privacy settings to make a better and more informed decision.
In this how-to video and blog post, we will explain:
When you are creating a team, you can choose one of the three types of privacy settings, as shown in the image below:
Everyone in the organization can see the public teams and join without approval from the team owner. When a user joins the public team, he will have access to all parts of the team – conversations, public channels, folders and files, planner, SharePoint site.
So, if everything is accessible to everyone, when should you consider creating a public team?
The most significant advantage of public Teams is collaboration, but you need to be careful as everyone can see everything inside public Teams. Also, in large organizations, it can lead to chaos and decrease productivity if a lot of people join a public team.
As I mentioned, all users (even those not part of that team) can find the contents of public teams, including Microsoft Copilot.
This means that Copilot will be able to find and use all of the documents belonging to public teams and use it to complete its prompts. The main issue here is that users will use Copilot and accidentally get access to sensitive data such as pay information, personal data, or even sensitive company data.
Don’t worry. It’s not a bug; it’s actually a feature that works as intended. But you have to prepare for it.
We strongly suggest all IT teams planning on rolling out Microsoft Copilot review their sharing links, sharing settings, group access, and ultimately all of their public teams.
If you want to learn how to prevent Copilot oversharing from happening to you, read our guide on how to stop oversharing in Microsoft 365 or check out our Microsoft Copilot webinar below:
Private Teams are permission-based, which means that users can join only after the team owner lets them in. Users cannot see private Teams when they navigate to the “Join or create a team “inside Microsoft Teams. There are a few possible ways users can join a private team:
After users join a private team, they have access to everything inside that team, and they can start chatting and sharing files with other team members.
As private teams can be accessed only by members and owners, they are more secure, and the risk of a data breach is lower.
In my opinion, most of the teams will be private, especially in large organizations, but let’s see some concrete use cases when using private teams:
Org-wide Teams are a particular type of public teams where all users from the organization are added automatically as members, and global admins and Team service administrators are added as owners.
However, there are some limitations of Org-wide teams:
Org-wide channels can be used for company communications, but Microsoft provides some recommendations:
If you realize you have chosen the wrong privacy settings in the public vs private teams dilemma, you can very quickly change it from private to public or from public to private. Of course, global admins also have an org-wide option.
To change the privacy setting of a team, follow these steps or take a look at the image bellow.
Click Three dots -> Manage team -> Settings -> Edit:
Then change privacy and click the Done button. That’s it!
Every team has a SharePoint site behind the scenes where all the content is stored. The main difference between permissions on a private and public Teams’ site is the “Everyone except external users “domain group. Public Teams have this group in the site members group, and private Teams don’t.
Team owners and members can access all teams’ services (Teams, Planner, Calendar, SharePoint site). Still, there are some situations when you would need to share just the content of a SharePoint site to specific people without giving them access to Teams conversations and other services. If you would like to share a site, you need to navigate to Settings -> Site Permissions -> Add members and click on the Share site only option.
We have seen three types of Teams’ privacy settings, the differences between them, and what happens when you create each of them, so you should be ready to choose your team’s privacy. Most importantly, if there will be sensitive data, you need to go with a private team. If there won’t be sensitive data, private teams are also the preferred option in most situations, but it depends on your use case and organization size. If you choose a public team, you should be careful with the team’s data, as everyone can access the data. If you’d like to manage your teams from a central place – check out Syskit Point, an Office 365 governance platform.
