How to De-identify PII data from the Teams Admin Usage Report
Michael has been an IT Pro since 1998. He has worked predominantly in the Windows world including client and server operating systems, on-prem systems engineering (AD, DNS, etc.), and over the last ten years or so has embraced and immersed himself in...
Microsoft announced recently that the rollout of a new feature in Teams usage reporting has completed and should be available for all. This will put many an IT Pro’s minds’ at rest, at least a little more. 🙂
Prior to the rollout of MC244599, the Teams admin center exposed user identifiable information (PII) like AAD Id, username, email etc. in various reports. This included the Teams’ user activity and device usage reports, etc. The Teams usage reports available in the Microsoft 365 admin center already have the capability of having PII data de-identified. Now, this capability is shared in the Teams admin center.
Microsoft is introducing a capability to allow Global Admins to de-identify PII information in Teams usage reports based on anonymization settings in the M365 Admin Center. This will allow Global Administrators to hide PII data in their organization. Here’s how to check the current setting in your organization:
- Open the Microsoft 365 Admin Center -> https://admin.microsoft.com/
- Make sure the navigation menu along the left is expanded. Click Settings -> Org Settings.
- Scroll down and click the Reports item.
- If you want your user data de-identified, check the first box – ‘Display de-identified user, group, and site names in all reports.’
- Click Save and you’re done!
If you choose to de-identify data, here are the changes you’ll find in the Teams ‘user activity report:
- Report UI Changes – Display name column information will be de-identified.
- Report Export changes – ID, DisplayName and UserName columns information will be de-identified.
Here are the changes you’ll discover in the Teams ‘device usage’ report:
- Report UI changes – Display name column information will be de-identified
- Report Export changes – ID, DisplayName and UserName columns will be de-identified.
As Global Administrators in your organization, you’ll have more control over the PII data in your reports. This will be helpful if your security and compliance folks would prefer (or require) that these reports NOT contain PII data. Be sure to bring this up to the attention of your compliance team and come to a decision on how you want to move forward.
