Simplify Information Governance & Minimize Risk with M-Files for Microsoft Teams

Microsoft Teams is the platform launched in 2017 as a tool for collaboration and communication, bundled with Office 365. As of November 2019, Teams boasts 20 million daily active users, with estimated usage by more than 500,000 organizations in 181 countries. Microsoft’s vision is to make Teams the definitive app where work happens, bringing together all the different pieces of Office 365 in one single hub.

Microsoft deserves credit for creating a wonderful application, but the meteoric rise of Teams also presents unique risks.

Executives and IT managers face new challenges to sustain their information governance efforts.

Maintaining control and visibility on information without stifling the adoption of a tool like Teams is a real nuisance. Inaction is dangerous considering the pressures companies are subjected to when it comes to governance.

The Challenge With Microsoft Teams

Winning organizations find ways to manage and track information, regardless of:

  • Which tools the organization uses — like Microsoft Teams and Outlook
  • Where information is saved — like SharePoint, Salesforce and network folders

Microsoft Teams can deliver the benefit of collaboration and communication, but there may be challenges in terms of where information is stored and who can access it. Let’s be clear, though. Microsoft Teams itself is not inherently problematic. It is only when the implementation and deployment are unchecked that governance procedures within the Teams environment can become a challenge.

Without a managed implementation and subsequent monitoring, companies might realize content sprawl because of a multiplication of teams, channels and integrated apps with no clear organization. This is an issue for an overarching information governance framework. IT departments are tasked with maintaining a system-neutral Information governance protocol, associated with rules and procedures; and they strive to balance that with the need to be more agile and flat — to give users more freedom.

When information governance efforts are too restrictive, employees find a way around them, and that’s where shadow IT becomes an issue, where employees use rogue applications and workarounds without the IT department knowing it. And that, of course, puts the company at risk.

An important facet of collaboration and communication happens with documents. They are created, shared, edited. People are asked to give feedback or sign off on them. Eventually, they need to be either disposed of or retained.

Within Teams, documents and files are still managed in a static way. For example, to reference a file, you tag them in the conversation or in a task. Furthermore, files are stored in silos, since every team in Microsoft Teams corresponds to a SharePoint site, and each channel corresponds to a folder. This approach makes it challenging for companies to ensure operational transparency and legal compliance, two topics that are top-of-mind for IT professionals.

The bottom line is this: Microsoft Teams itself is not the problem; uncontrolled implementation and unchecked governance procedures within the Teams environment is the culprit. Looking a bit deeper, we have identified five areas where Teams represents a challenge for information governance.

Proliferation Of Information Sprawl

Call it information sprawl. Call it content chaos. Whatever you call it, the problem is only growing along with the rise in data volume, velocity, and variety. The challenge is primarily caused by company information scattered across multiple data repositories — ERP, CRM, network folders, email inboxes, file-sharing applications… the list goes on and on.

This leads to a practice known as context switching for employees — which means navigating from one system or application to another to get work done. This hijacks concentration and flow. Microsoft Teams might indeed help reduce the need for context switching, but in terms of documents and files, information may still be siloed in disparate environments. This, of course, is not necessarily a weakness of the Teams application, but more a symptom of content chaos, as discussed earlier. A result of context switching is change fatigue, which is the additional difficulty in having to adapt to different UIs for different application to simply get the job done.

According to a recent M-Files report, on average, respondents identified four systems and/or repositories that their organization uses to store and manage documents and other information. But content sprawl is not a new problem. It is, however, a problem exacerbated by poor document control processes within Microsoft Teams.

Essentially, the type of information we wish to control often resides in multiple repositories and is then brought into the Teams environment ad hoc. Unsurprisingly, Teams works well with the Office 365 suite, and with documents that are in SharePoint. Connecting to content in other business systems, however, is a challenge — whether it’s CRM, ERP or some other system of record.

It’s possible to connect to common archives — Dropbox, Box, Google Drive — but even that can be problematic, as it is left to the discretion of the single channel. One employee could, for example, connect their personal Dropbox account to Teams, move loads of files around, and IT would be none the wiser.

Document Duplication

Then there’s duplication of documents. Cross-team or cross-system collaboration often means documents are duplicated, and control is lost. The result is a familiar struggle for many large businesses today: organizations face increasing inefficiencies and missed opportunities from fragmented data living in multiple applications. An organization that lacks such data cohesion cannot possibly recognize the total value of their business.

Teams is good at making sure members of a group have access to information they need to do their job. But the reality is never this clear cut. For example, you might have a group assembled to manage a certain project, with all the documents related to that project stored in the SharePoint site that gets automatically created. What happens when the legal department wants to keep an eye on legal documents like contracts, NDAs and agreements? Or when another project team needs access to some of the documents to inform decisions? Or what if some of the documents are on the ERP or in a network folder?

Right now, the most common case is that the document would be duplicated, and, of course, this means control is lost. What’s the most recent version and where can it be found? What changes have been approved? What version do we need to retain? Perhaps, most importantly, who has access to the file?

Document Lifecycle Management & Orphaned Content

Information must be managed throughout its lifecycle, starting when the record is created or received. Next, the emphasis is on usage, storage, retrieval and maintenance. At the last stage of the lifecycle is disposition and destruction or permanent retention in accordance with the organization’s records retention schedule.

When we say that documents in Teams are static, we mean that for them to go through their lifecycle they need to be processed manually. Think about a situation where a project manager, for example, solicits input from colleagues about a customer deliverable contained in a document. In Teams, they would likely tag the team member in the conversation and wait for their reply, which is far from the optimal method of tracking a document through its lifecycle and capturing critical changes or feedback.

Similarly, for official documents like contracts which require action, they still need to be circulated for review, approval, and signature. Upon expiration, whose job it is to make sure they are archived and retained in order to comply with standards and laws? If they are floating around in the ether of Teams, can the lifecycle stage be tracked and recorded? Document workflows are currently not core feature of Microsoft Teams, and therefore, documents need to be moved from one state to the next manually.

All of this results in orphaned content — documents or data that have no well-defined owner. Depending on the processes, this type of content can be handled in different ways, but it is usually a problem in terms of information lifecycle, especially in terms of what needs to be kept and what doesn’t. Organizations experience inherent complexities managing orphaned data throughout its lifecycle through to its ultimate disposition. And for most organizations, spoliation isn’t the problem. It’s over-retention. They store everything forever — from critical business data to junk files — and sustain high levels of risk and cost in doing so. For all these reasons, managing orphaned content is a mission-critical problem for most governance protocols. Without a suitable policy infrastructure and technology capabilities, they can’t begin to address data with no owner, and thus carry the unjustifiable risk and cost associated with it.

Accidental Leaks

All technology leaders seek to minimize the risk of accidental leaks, but some organizations face more challenges than others. Think about how healthcare organizations protect patient privacy. Or how banks worry endlessly about cybersecurity hacks. Or how so many government organizations risk data breaches because of antiquated technology. The list goes on.

Every organization wants privacy protection during collaboration — in Microsoft Teams or in any other tool according to Microsoft. Additionally, Teams features two factor authentication and encrypted data. So, there are security measures in place. But what about accidental leaks that may occur as a result of simple collaboration and not nefarious hackers?

Look no further than the permissions model within Teams. Microsoft recently rolled out guest accounts for Microsoft Teams. This means guests — not employees or members of your organization — can access teams, documents in channels, resources, chats, and applications. A possible issue is the lack of IT control over whether individuals are sharing private information with external parties. Moreover, in general, Teams is missing an overall permissions model — including guest access — between Teams, Office365 Groups, SharePoint, OneDrive, etc. By default, when an employee is invited to a channel, they can access all documents in the SharePoint site of the team. Some of these files, though, might contain sensitive information, or information about other projects, customers, partners. Imagine inviting a supplier to the channel, so that they can stay in the loop and contribute, and then realizing they have had access the whole time to the quotes their competitors have sent you at the beginning of the job, or to the contact details of the customer.

The Solution: M-files for Microsoft Teams

In the way of an introduction: unlike traditional Enterprise Content Management (ECM) systems, M-Files is an intelligent information management platform that allows organizations to manage content and information regardless of whether that information resides in M-Files or other business systems or repositories. It allows any organization to effectively address the process, productivity and compliance challenges they face caused by content chaos, without disrupting existing processes, systems or users. Users benefit from powerful tools to find, edit, share and organize content and information directly from SharePoint, Salesforce or any Windows application, gaining the advantage of artificial intelligence to automate office work.

The platform launched the M-Files for Microsoft Teams add-in, bringing the power of information management into the Teams environment. M-Files for Microsoft Teams is unique because it expands the capabilities of Teams outside the Office 365 boundaries, organizing and presenting information from disparate repositories — SharePoint, ERP, CRM, Google Drive, Box, Dropbox — and makes it available when needed, without exposing the company to risks.

Simplify And Centralize Information Governance

M-Files makes information governance easy in Microsoft Teams. In essence, M-Files breaks users from the chains of managing documents in a siloed manner. M-Files contributes to an overarching information governance program and eliminates the need to micromanage governance within individual applications, like Teams.

Taming Information Sprawl

M-Files is built on a vision — to enable access to all the information in an organization, no matter where it’s stored. The platform has integrations with most common third-party archives and business systems. Consequently, Teams users have access to information, files and documents in their channels and groups, regardless of which system they reside in. The best part for IT departments is that integrations within M-Files can be controlled at the company level.

Whereas, in Teams users are largely free to use any integration they see fit, giving rise to shadow IT and a variety of complications.

A huge part of creating this frictionless experience for employees — in Teams and otherwise — is the metadata driven approach. M-Files ushers a new era of information management for users, uncoupling them from the traditional folder system of storing information — a setup that is still used by Microsoft Teams. With metadata properties, M-Files places a premium on what’s in a document rather, than where it is stored. This changes the perspective completely.

Before M-Files, employees need to figure out where a document they might need was saved; now, it’s enough to know what type of document they need, or which customer or project it concerns, or when it expires, and they can easily identify it. It’s a way of looking at information that is much more in line with a modern workplace, where an employee can find needed information in context by commanding, “Show me all contracts that are expiring next week” or “I want to see all documents about this project.” It’s a paradigm shift that stands in stark contrast to the folder approach that comes from the archaic file cabinet system.

No More Duplicated Documents Or Version Control Issues

Most businesses are already uncomfortably aware of the costs, errors and missed opportunities associated with duplicate data. Records for customers, suppliers, products, and more are duplicated in multiple, disparate systems.

Often, no structure exists to uniquely identify the most up-to-date and relevant version of a document across systems and, worse, often no proactive steps are taken to prevent the creation of duplicate records. With M-Files for Microsoft Teams, there is one single source of truth for information. While M-Files tracks version history, there is only one master document which users can reference. Different departments can access the same up-to-date version of a document directly from Teams, no matter where it is stored and without the need to create duplicates.

Easily Managed, Centralized Document Lifecycle

One of the most powerful features of M-Files is the ability to create workflows around documents. Workflows can move documents along their lifecycle — status changes automatically, and people are notified — even after the Teams channel is deleted or archived. Documents can be assigned to workflows, facilitating lifecycle management for different types of documents — like contracts, customer information, etc.

There’s no need for manual processing of documents within Teams. Consider the example of a contract uploaded to a Teams channel with a note for team members to sign off on it. How can the originator know if all seven people have approved it? How does she know where it is in the approval process? With M-Files, documents like contracts follow a pre-defined workflow process, where users are reminded that action is required, and managers are notified when the workflow is complete. Governing information becomes a snap when documents must be moved into different states depending on the type, so that appropriate lifecycle management can be enforced without impacting the day-to-day work of employees.

The same document lifecycle management in M-Files applies to the basic governance tenets of archival, disposition and retention. Sensitive information is protected even when external contributors are invited, and retention and disposition policies are enforced, no matter if a channel has been archived or deleted.

Workflow capabilities all but eliminate orphaned content. Documents, files and other information always have a by-line to owners, stakeholders, external contributors and anyone that might have a vested interest in the lifecycle of that document.

Minimize Information Security Risk & Accidental Leaks

With M-Files for Microsoft Teams, information security is safeguarded, and the risk of accidental leaks is minimized. M-Files features a robust and customizable structure for permissions and access. With metadata, users (or groups of users) can be assigned permissions automatically or manually, ensuring that they only have access to the documents they’re supposed to have access to. Thus, even if an employee references sensitive files in a Teams channel, only those users with the appropriate permissions will be able to access them.

Imagine, for example, a situation where an employee shares confidential client data with team members on a Teams channel. Without M-Files, that employee may not know if some members of the channel shouldn’t have access to it. They may not know if that confidential information gets proliferated outside of the Teams environment.

There’s a lack of information security controls. With M-Files, the user simply shares a link to the document and only those with proper access can view or edit it.

In addition, accidental leaks are prevented at the system level. Both Microsoft Teams and M-Files use Azure Active Directory (AD) to authenticate and grant access to users. This allows setup of permissions to safeguard certain classes of documents. By using Azure AD to determine the role or the group of the user, it enables an advanced level of permissions within Teams, so that members of the same team or channel can have access to different sets of documents.

The Key Takeaway

Companies are often pulled between the desire to be more productive and effective and the need to ensure that they do so by following the rules and being fair to customers and the public at large. M-Files helps them by easily allowing Microsoft Teams to simplify information governance, a tool that is proving to be more and more essential to their future growth.

With the M-Files integration, the walls between channels are broken down. All the relevant information can be accessed in its most recent version across different teams, no matter if it is stored in SharePoint, the company’s ERP, the sales department’s CRM or another third-party archive. The focus on metadata allows organizations to establish lifecycle policies for certain types of documents, and enforce them also in Teams, even after a specific channel has been archived. With the same logic, since M-Files uses Azure AD to identify users, people can be given different types of access to different documents, even when they belong to the same team, safeguarding sensitive and competitive information. 

For more information on how we can help your organisation please email: or visit

Peter Ellyard

Having spent over 20 years immersed in the document management software industry I have found that by offering a simple to use, highly effective electronic document management solution (knowledge management software) we increase productivity dramatically. Typically by an hour per person, per day! This is not rocket science, just a simple way to streamline your day to day information needs.