1. Third-party apps are blocked by default in Microsoft Teams at Henkel due to compliance and security risks.
2. To enable a third-party app, the App ID needs to be delivered from Henkel's Enterprise Architecture and Strategic Portfolio Management Tool, and approvals from Application Owner, Security, and Compliance responsible are required.
3. Third-party apps should be certified by Microsoft, support single sign-on, have documentation explaining how it works, and any technical or security issues related to the app should be handled by the application owner.
The article titled "External Apps in Microsoft Teams" provides instructions for requesting third-party apps in Henkel's Microsoft Teams platform. However, the article has several potential biases and missing points of consideration that need to be addressed.
Firstly, the article states that all external or third-party apps are blocked at Henkel by default due to compliance and security risks. While this may be a valid concern, the article does not provide any evidence or examples of such risks. This lack of evidence makes it difficult for readers to assess the validity of this claim and raises questions about whether there is an underlying bias against third-party apps.
Secondly, the article requires that third-party app requests go through a rigorous approval process involving multiple stakeholders, including application owners, security and compliance teams, and purchasing teams. While this may be necessary to ensure compliance and security standards are met, it also creates significant barriers for users who need access to specific third-party apps quickly. The article does not address how long this approval process takes or what happens if a request is denied.
Thirdly, the article notes that third-party apps should be certified by Microsoft following their certification process. While this may provide some assurance of quality and security, it also limits the range of available third-party apps to those that have gone through Microsoft's certification process. This could potentially limit innovation and creativity in finding new solutions for business needs.
Fourthly, the article notes that there is no service level defined for third-party app requests. This lack of clarity could lead to frustration among users who do not know how long they will have to wait for their request to be approved or denied.
Finally, the article notes that any technical, security or privacy issues related to an app must be handled by the application owner. While this may seem reasonable on its face, it also places a significant burden on application owners who may not have expertise in these areas.
In conclusion, while the article provides some useful information about requesting third-party apps in Henkel's Microsoft Teams platform, it also has several potential biases and missing points of consideration that need to be addressed. These include providing evidence for claims about compliance and security risks associated with third-party apps; addressing how long approval processes take; considering alternative approaches to certification; defining service levels for requests; and providing support for application owners who may not have expertise in technical or security issues.