Improving our data security: Updates to public site settings

Published: 30/06/2026

We've made some important updates to how Microsoft Teams sites work at NTU, to help keep our information safe and properly managed.

These changes are part of our ongoing work to improve data security and make sure information stored in Microsoft 365 is only shared with people who need access to it. This helps reduce the risk of information being shared by accident and supports a safer and more secure digital environment for everyone.

What’s changed?

On Monday 29 June, all existing public Teams sites were switched to private. This small but important step will help prevent accidental oversharing and strengthen the security of our digital environment.

We’ve also introduced daily automated checks to help identify any sites that may have been set (or reset) to public. In most cases, these will be switched back to private unless an approved exception is in place.

If you have an existing site that needs to remain public, or you need a new public site to be created, you can request this via the DT Service Desk at support@ntu.ac.uk.

For other questions, please contact the Information Governance team at DPO@ntu.ac.uk.

Improving our data security in Teams
Improving our data security in Teams

Why has this change been introduced?

Following a recent review of how Teams sites are shared across the University, we found that a large number of sites were set to public. This meant all colleagues and students can access the site and its contents, even if they do not need to. In many cases, site owners did not realise their sites could be accessed by anyone within NTU.

This creates risks including:

  • The accidental exposure of confidential or sensitive information.
  • Reputational and operational risk if inappropriate content is shared too widely.
  • Increased likelihood of unauthorised changes, downloads or misuse.

Public vs Private: What’s the difference?

Public Teams sites

  • Can be accessed by any student or staff member at NTU.
  • Should only be used for non‑sensitive information meant for a wide audience.
  • Best for:
    • templates and shared resources
    • general guidance or help information
    • knowledge hubs
    • support pages.
  • Must be requested and approved through the DT Service Desk.

Private Teams sites

  • Only accessible to people who are invited.
  • Content can only be viewed or edited by approved members.
  • Recommended for:
    • group projects
    • course, module, or society working spaces
    • sites containing personal data
    • internal documents.

Supporting a safer digital environment

These updates form part of NTU’s wider work to improving security, reducing unnecessary risk and ensuring information is well-governed and easy to manage.