Microsoft Teams Interoperability Support

Nextplane Inc.
Mar 30, 2020

Team Collaboration (TC) platforms, such as Microsoft Teams, are closed applications with no built-in interoperability capabilities.

As a result, IT needs a secure, cost-effective, and easy-to-manage universal interoperability service. Universal interoperability means allowing your employees to use the platform of their choice to collaborate seamlessly with internal and external colleagues who use different platforms.

The alternatives to NextPlane are either:
a) use Microsoft Guest Accounts, or
b) do channel syncing.

Both have serious security, control, and cost drawbacks.

Guest accounts on Microsoft Teams do not offer strong security measures like password complexity checks, password expiration, and Two-Factor Authentication (2FA). This can tempt hackers to prey on Guest Access Accounts with weak passwords to reach your unsuspecting Microsoft Teams users. Since these hijacked guest accounts belong to other companies, you cannot disable them. You also have no control over who can send guest account invites, and you cannot see the list of guest accounts on your admin console.

Also, the number of Guest Accounts a company can have is limited. For instance, Microsoft only allows five Guest Accounts per paid Azure AD license. In other words, a company with 1,000 Microsoft licenses can only send out 5,000 Guest Account invitations.

Channel syncing between TC platforms requires storing your super admin privileges on third-party servers to sync accounts across your respective platforms. Channel syncing also requires you to buy additional licenses on both sides, which can be cost-prohibitive depending on the number of users on each side. It may also involve keeping the synced conversations and files in unencrypted temporary storage.

In comparison, NextPlane gives you user-level control over your federations. It also allows you to track and control your users by federated domain. Providing this user-level control requires your users to install the NextPlane app on their MS Teams clients and send chat invitations.

NextPlane ConverseCloud acts as a universal interoperability hub between your collaboration platforms. It performs the necessary protocol (SIP and XMPP) translations and API conversions to ensure all your chat, presence, Teams, and file sharing work seamlessly, regardless of the platforms.

NextPlane ConverseCloud takes advantage of the Microsoft Bot Framework to provide a richer collaboration experience for your MS Teams and Non-MS Teams users:

  • Add external contacts
  • See external contacts’ profiles
  • Share presence
  • Exchange chat and IM messages with external contacts
  • Invite external users to channels
  • Send messages with rich-text
  • Send messages with emoji reactions
  • Share files

Your Microsoft Teams users only need the NextPlane bot, which is available from NextPlane for MS Teams.

The NextPlane bot is not executable code. It’s a registration of NextPlane ConverseCloud within the MS Teams infrastructure. This registration provides NextPlane ConverseCloud with an access token to call MS Teams API methods and listen to MS Teams events on behalf of the installed NextPlane bots.

The NextPlane bot only passes chat messages between your Microsoft Teams users and the NextPlane ConverseCloud. It treats Microsoft Teams chat inputs as a command and translates them into contact requests, such as SIP invites, and sends them to non-MS Teams contacts. When the contact request is accepted, it sends Microsoft Teams users a link to the peer-to-peer chat channel with the invited contact.

Security

NextPlane ConverseCloud only uses the Microsoft Bot Framework to exchange chat messages with the Microsoft Teams users and does not use any other APIs, such as the Microsoft Graph API. By limiting all the internal operations and workflows to the Microsoft Bot Framework, NextPlane does not need or require access to any admin credentials or elevated privileges.

During the installation, the NextPlane bot will request the following permissions:

  • To receive messages and data
  • To send messages and notifications
  • To access user profile information

To send and receive messages, NextPlane uses authenticated and encrypted channels. It supports TLS-enabled SIP, XMPP, or HTTP. NextPlane ConverseCloud transfers your Microsoft Teams users’ messages via an OAuth2-authenticated and TLS-enabled HTTP connection between NextPlane ConverseCloud and the Microsoft Bot Connector.

Privacy

The permissions given to the NextPlane bots allow NextPlane ConverseCloud to:

  • Listen to Microsoft Teams events, such as when users post new messages to their respective Microsoft Teams chat, add emoji, invoke an invite command, or modify or delete messages.
  • Retrieve and send messages to the Microsoft Teams peer-to-peer chat.

Restricted by the Microsoft Teams Permissions model, NextPlane ConverseCloud can receive events and retrieve or send messages only in those Microsoft Teams peer-to-peer chats where the NextPlane bots have been added. In any other chat, NextPlane ConverseCloud cannot listen to any events or perform any actions. Also, NextPlane ConverseCloud has no access to any kind of information (messages or files) shared in the Microsoft Teams channels where your users have not added the NextPlane bots.

NextPlane ConverseCloud collects different kinds of information, including personally identifiable information. The following are the types of information NextPlane ConverseCloud collects:

ConverseCloud collects Microsoft Teams users’ IDs and profile information (name and email) and keeps them in its database. ConverseCloud only uses this information to provide external contacts with the contact details of the Microsoft Teams users they are connected to.

The NextPlane servers automatically record a log entry for each message they process. The log entry contains only the metadata without the message content. The metadata consists of the following fields:

  • Sender address (e.g., john@acme.com)
  • Receiver address (e.g., peter@widget.com)
  • Message type (IM, Presence, typing, error)
  • Time and date of the message
  • Chat session ID

Management

Using the NextPlane Management Portal, you can seamlessly connect different collaboration platforms within your company, or with parties outside your company such as customers, partners, or suppliers. The NextPlane Management Portal provides customers with a trailing 12 months of charts and graphs depicting the number of unique users and the number of messages exchanged, as well as detailed usage reports by internal and external federated domains and platforms.

Originally published at https://nextplane.net on March 30, 2020.
