Microsoft 365 Groups: Collaboration Features Guide

What Are Microsoft 365 Groups?

A Microsoft 365 Group is a shared identity — a collection of users with a common membership list — that acts as the foundation for a range of Microsoft 365 collaboration services. When you create a Group, you automatically get:

• A shared mailbox and calendar in Outlook
• A SharePoint team site for document storage
• A OneNote notebook
• A Planner board for task management
• A Teams workspace (if you choose to add Teams)

The membership list — who belongs to the group — controls access to all of these resources simultaneously. Add someone to the group, and they get access to all connected services. Remove them, and they lose access across the board. This makes Microsoft 365 Groups a practical foundation for project teams, departments and working groups.

How Groups Relate to Teams

Every Microsoft Teams team is backed by a Microsoft 365 Group. When you create a new Team in Teams, Microsoft automatically creates a corresponding Microsoft 365 Group. The members of the Team are the members of the Group, and their associated SharePoint site is the document storage for the Team's Files tab.

This means that Teams and Microsoft 365 Groups are not separate things — Teams is one of the services that surfaces Microsoft 365 Group functionality. Understanding this relationship is useful when troubleshooting access issues or when admins are trying to manage membership centrally.

Group Types in Microsoft 365

Microsoft 365 has several types of groups, which can cause confusion:

Microsoft 365 Groups

The modern, cloud-native group type described above. Created when you create a new Team, a new Outlook group, or when users create shared workspaces. These groups have the full suite of connected services (mailbox, SharePoint, Teams, Planner, etc.).

Distribution Groups (Distribution Lists)

Legacy email distribution lists used to send email to multiple recipients. They don't have shared mailboxes, calendars or SharePoint sites. Managed in Exchange Admin Centre. Still widely used for routing emails to teams like accounts@company.co.uk or marketing@company.co.uk.

Mail-Enabled Security Groups

Used for access control to resources (like SharePoint permissions) and can also receive email. Common in hybrid on-premises environments.

Security Groups

Used to manage access to resources (SharePoint, apps, Intune policies) but don't have email addresses. Managed in Azure Active Directory.

For new deployments, Microsoft 365 Groups are the recommended approach for team collaboration. Distribution groups remain appropriate for simple email routing scenarios.

Creating and Managing Groups

Groups can be created from several places:

• Microsoft Teams — creating a new Team creates a backing Group automatically
• Outlook — the New Group option in Outlook creates a Group with a shared inbox
• SharePoint — creating a new Team Site creates a backing Group
• Microsoft 365 Admin Centre — administrators can create Groups and configure membership centrally
• Azure Active Directory — for IT administrators managing Groups at scale

Membership Management

Groups can be configured for self-service membership (users can request to join) or owner-managed membership (owners control who joins). For sensitive projects or compliance-controlled content, owner-managed membership is appropriate. IT administrators can restrict self-service group creation to prevent sprawl.

Group Sprawl: A Common Problem

In organisations that haven't established governance policies, Microsoft 365 Groups proliferate. Every time someone creates a new Team, a new Group is created with its own SharePoint site, mailbox and Planner. After 12-18 months, organisations typically have dozens of abandoned Groups from completed projects, staff who have left, or duplicated Teams that people created without checking if one already existed.

Common governance controls include:

• Restricting who can create Groups to designated administrators or approved requestors
• Configuring Group expiry policies (automatically prompting owners to confirm active Groups after a set period)
• Naming policies to enforce consistent naming conventions
• Regular audits of inactive Groups

Groups and Security

Microsoft 365 Group membership controls access to potentially sensitive content — SharePoint sites, shared mailboxes, and Teams channels. It's important to review Group membership when staff leave or change roles. Azure Active Directory access reviews (available in Azure AD Premium P2 and E5) automate this process by periodically prompting Group owners to re-certify their membership lists.

AMVIA manages Microsoft 365 governance for UK businesses, including Group policies, naming conventions and access reviews as part of our managed IT support service.