Provide proper controls to meet data retention requirements by blocking users from joining third-party teams
Many industries require the monitoring and retention of communications on sanctioned platforms like Teams. Things like the Investment Advisers Act (SEC Rule 204-2) require that companies monitor and retain communication channels used by and for the business. Teams is a great communication tool, but lacks the controls to block users from being invited to outside teams (via their corporate sign-on!). Once a user joins another team, they are bypassing all of the compliance / retention policies of their corporate tenant where their ID is owned and managed. This is so bizarre! Tenant restrictions do work (blocking sign-in as long as they are behind a proxy), but such a solution is not valid for mobile devices, and therefore there is a gap in retention of communications on the Teams platform unless Microsoft creates a way for identity OWNERS to block their identities from being used by third parties within the Azure ecosystem. In other words, systems administrators should be allowed to opt out of the Azure "client-to-client" or "tenant-to-tenant" federation in order to ensure their company is in compliance with retention requirements similar to those stipulated in the Investment Advisers Act. That, or find a way to capture and journal third-party Teams conversations.