Staff are using Microsoft 365 Apps in their daily work. Check you understand permissions and privacy relating to the key Apps and that your content is secure and being accessed as you intended.
The Trust Center
The Trust Center (found under 'Options') is where you will find security and privacy settings for Microsoft programs. With the consistent appearance of the ribbon, steps to find the Trust Center are the same for each program. The options available in the Trust Center allow you to share documents with the people you want, as well as to find and remove hidden information you may not want to disclose.
For more information check out Microsoft's Trust Center.
Microsoft Stream
- Permissions at the video level allow you to control who can see your video
- As the owner / creator of a video, you can edit the video permissions at any time
- You can record Microsoft Teams meetings and the recordings are stored in your Stream App. Unless you explicitly change the permissions on a recording, it will only be available to yourself and those who were invited to the meeting
For more information check out Queen's Microsoft 365 Training SharePoint.
OneDrive for Business
- Your OneDrive is protected from public viewing by default. Only you can access personal documents and media files that you store in it unless you explicitly share a folder of documents or a single document with other people for reviewing or co-editing.
- Regularly review which documents you have shared and with whom
For more information check out Queen's Microsoft 365 Training SharePoint.
Teams/SharePoint Online
- Create your Team(s) as Private unless you have a specific reason to make them Public
- Regularly review who is in your Team(s), both Members and Guests
- Only add Members to your Team(s) using the Teams GUI, not from the underlying SharePoint site
- Remember that files in your Team are accessible to everyone who is a Member or Guest of the Team and do not share files in your Team outside the Team unless strictly necessary
- Make your Teams Meetings as secure as possible by checking the Meeting Options after you set up your meeting
- Make all participants aware before recording a Teams Meeting, and prevent unauthorised recording by assigning roles.
- Information in Teams is subject to the Freedom of Information Act 2000 and GDPR, including Meeting recordings and Chat conversations
For more information check out Queen's Microsoft 365 Training SharePoint.
Microsoft Admin and Queen’s Microsoft 365 Global Admin staff can access any Microsoft 365 Documents
However, as professional administrators, they adhere to a code of conduct and practice that mandates that they do not access or view the contents of any file unless specifically required to do so (either by law or by legitimate instruction from an authorised person). Furthermore, if sensitive data is properly encrypted, it is inaccessible to anyone, including Admin staff, who do not possess the necessary encryption keys.