Why Will Teams Win the Extranet? Planning for a Secure & Governed Extranet

Why Will Teams Win the Extranet? 

Planning for a Secure & Governed Extranet

29 July 2020 · 5 min read

Organizations operate in a network of suppliers, vendors, clients, and external stakeholders. Successful collaboration involves external parties on top of internal ones.
An increasing number of organizations are focusing on optimizing collaboration through platforms like Microsoft Teams. Teams offers capabilities to ensure employees maintain productivity and collaboration. Such capabilities can also apply to external collaboration in the form of an extranet for a joint collaboration space.

Challenges of Current Extranets

Organizational extranets are designed to nurture collaboration with outside parties. An extranet should ensure organizations can securely collaborate with clients, vendors, suppliers, boards, and more. However, current infrastructure does not always meet those needs. Some of the most pertinent challenges have been highlighted below.
Access & Security. Inviting external stakeholders to an organization’s extranet can pose several challenges. IT Administrators need to securely invite and set up identities for external collaborators, with appropriate permissions to documents and data. Inappropriate access impacts an organization’s internal governance and data security – possibly causing what we call a ‘bad day.’ To avoid this bad day, IT Administration needs to continuously maintain and update access & permissions. It adds up costs and risks of error though.
With Microsoft Teams, tasks are streamlined. Teams allows organizations to manage security and update permissions, reducing the risk around content.
Extranet Infrastructure. To ensure functionality and successful collaboration, an extranet has to be hosted on special infrastructure. This infrastructure needs reverse proxies or firewall configurations which can rapidly add up to a large investment for any organization. These costs can only be justified for large-scale collaborations, making it difficult for smaller entities to deploy them.
With Microsoft Teams, organizations avoid such a challenge. They do not need to invest in developing their own infrastructure and can rely on Microsoft Teams and Office365 to host their extranet.
Extranet Support. Depending on the scale of collaboration, organizations will have different requirements for their extranet. At the core, organizations need their extranet to support updates of permissions and access, enrollment of new users, and termination of access, to mention a few. Current collaboration tools offer limited support in this regard, exposing organizations to risks around their content.

Deciding how an organization will enroll external users determines the amount of risk and involvement of IT and Governance teams.

Microsoft Teams enables organizations to collaborate despite their size. Whether their extranet requirements are on a small- or large-scale, Teams’ capabilities accommodate all collaboration needs.

Planning for Microsoft Teams as a Governed and Functional Extranet

Microsoft Teams has experienced tremendous adoption in a short period of time. The platform streamlines collaboration and increases productivity, even during challenging times for organizations. Teams’ functionality to enable real-time collaboration on documents and invite guests and external collaborators make it a go-to platform for a governed and functional collaboration extranet. This type of extranet must enable two-way interaction with external users in real time and secure document sharing.
If your organization intends to use Teams as an extranet, some planning will be necessary. Organizations should outline the purpose of the extranet, its intended audience, and governance policies. The platform’s extensive capabilities offer a range of choices on how organization want to set up their extranet, by following a few simple steps.
1.  Determine who needs access
Every department within the organization has different requirements for external collaboration. Cataloguing those requirements sets up a baseline for Microsoft Teams extranet policies. IT can determine who needs to have access as a long-term guest user or short-term external collaborator. Such planning reduces the burden and security risk in the long run.
2.  Decide how to enroll users
Microsoft Teams allows organizations to set up an invitation-only extranet or offer self-registration options. When organizations have small-scale collaboration needs, it is recommended to select an invitation-only process with more oversight from IT and Governance professionals.
However, for large-scale collaboration with hundreds or thousands of external users, organizations can leverage Azure Active Directory. This allows users to self-enroll in the extranet and receive access through approval workflows.
Deciding how an organization will enroll external users determines the amount of risk and involvement of IT and Governance teams.
3.  Establish authentication methods
Organizations can leverage a variety of authentication methods for their external users. This ranges from email and password registration to authentication through Office365, Azure AD profiles, or using federated services like Google, LinkedIn, Twitter, or Facebook accounts.
Depending on your governance and security policies, we recommend using either Office365, Azure AD profiles, or Microsoft accounts. These authentication methods will work natively and reduce the risk of suspicious users within the extranet.
4.  Choose types of access
After deciding how users will authenticate, organizations need to outline what type of access external users will have. Microsoft Teams allows external collaborators and guest access, depending on organizational needs.
Organizations need to decide in which category external users fall and grant appropriate permissions to Teams, Channels, and documentsIT should then secure and place ethical walls to the rest of the content to prevent internal information from being accessed. 
5.  Select accessible applications
Depending on the type of access granted to external users, organizations can also determine which applications will be available to them.
Guest users in Microsoft Teams will have limited access to applications outside of Microsoft Teams. External collaborators could be given a larger scope of access to other applications too. This includes SharePoint Online, OneDrive, or other specific tools such as Yammer, Planner and third-party applications.
Selecting which applications will be available to extranet users enables quick deployment while lowering overall organizational risk.
Bringing it All Together
All the steps mentioned above ensure that the Microsoft Teams extranet is well-organized and governed. Risk from inappropriate access needs to be minimized to mitigate breaches and avoid bad days.
While Microsoft Teams and Office 365 possess the functionality to serve as an extranet, managing it can be a challenge in its own. Security and permissions are spread out across different administration centers, increasing the risk of error in setting up proper controls and safeguards.
Using Microsoft Teams as an extranet also becomes problematic due to the difficulty of tracking Teams and Channels to specific projects or engagement because of limited metadata. As a result, projects and their corresponding documents may not be secured properly posing for further governance risk.
Overcoming these challenges is possible. All you need is an enterprise process and governance platform such as Prosperoware CAM. We have outlined some proven best practices to ensure that your Microsoft Teams extranet is well-planned and governed.
To learn what these best practices are, stay tuned for Part II of this blog post.

Want to see CAM & Microsoft Teams in action?

Learn more

Check our related content