BOOK MEETING
CONTACT US
Categories
blog

INFORMATION BARRIERS AND EXTERNAL MEETINGS 

EMPOWERING AT MAXIMUM YOUR EXTERNAL MEETINGS WITH SPHERESHIELD

Interfaz de usuario grĂ¡fica, AplicaciĂ³n

DescripciĂ³n generada automĂ¡ticamente

TABLE OF CONTENT

1. Most common information risks during external meetings.

2. Information Barriers and complying with regulations (FINRA, MiFID II, HIPAA).

3. How do Information Barriers work on Microsoft Teams?

4. Capabilities and Limitations of the Information Barrier in Microsoft Teams.

5. How do you address risks when communicating externally?

In this article, we’ll talk a bit about how our Information Barriers can help your company during external meetings to avoid information leaks.

Most of the network security challenges are nothing new. What is new, however, is that the reality that the users, systems, and information teams are trying to protect is, in many ways, no longer under their control. Users are calling the shots, and network teams don’t see it happening. This type of situation, which most organizations are experiencing, is riddled with risk.

Experiencing a breach, or receiving a fine for non-compliance, can be a huge blow to the upstanding reputation your brand has worked hard to build. Both customers and industry peers will have doubts about doing business with your organization for years to come, and at AGAT we would like to help you avoid that.

Most common information risks during external meetings

  • Leaks of information: The first risk is a leak of information avoiding traditional network security technologies, such as firewalls and intrusion prevention systems, through files shared, video and audio interactions, or even chats.
  • Password sharing: Users share passwords among websites and other users especially when personal devices are involved.
  • Software: Software that is installed on computers, tablets, and phones may violate an organization’s security standards and put sensitive information, VPN connections, and more at risk.
  • Personal devices: Laptops, tablets, phones, and other devices may not be encrypted and, therefore, could expose corporate assets and network connections.
  • Screen Sharing: When sharing the screen, other users can see your screen and watch your activity in real-time which can unintentionally show private information on the screen like passwords, projects names or client names, and other sensitive data that you would like to avoid sharing.
  • Vulnerable backups: Another risk is the data that isn’t backed up or is being backed up to vulnerable or unsupported media, such as USB hard drives and consumer-based cloud services.
  • Phishing attacks: In addition to the above risks, teams also increasingly face phishing threats and related attacks, including smishing and vishing.

Combine these issues with all the distractions of working from home, and enterprises have a formidable security challenge on their hands.

Information Barriers and complying with regulations (FINRA, MiFID II, HIPAA).

Is critical for businesses to understand how they can establish the information barriers in communication platforms so they can prevent data loss and comply with regulations. Negligence can be reduced with the right policies to proactively restrict and monitor employee activities for unethical or risky behaviors. This makes it important to comply with legal and commercial rules that are constantly changing and becoming more complex.


Blurred-businessman finger touch padlock protect icon,and virtual screen interface,protecting data personal and network information,cyber security technology with data protection privacy concept

Regulations such as Europe’s MiFID or the USA’s FINRA state that financial services organizations must have an “Ethical Wall” in place to restrict communications between people with conflicts of interest. 

HIPAA compliance is more important than ever, and the Ethical Wall exists to protect the privacy of individual health information, while at the same time allowing covered entities to adopt new technologies to improve the quality and efficiency of patient care. 

Although it started as a common practice in the financial services sector, the concept of Ethical Walls also exists in other areas such as call centers, journalism, law, insurance, and computer science.

How do Information Barriers work on Microsoft Teams?

As you might be aware, not every Information Barrier solution for Teams, Webex, and Slack out there can work in Real-Time, and what is more, many DLP’s fail to prevent your employees from sharing sensitive information with external companies.

Microsoft’s Information Barriers policies don’t work for federated users: If you allow federation with external organizations, the users of those organizations will be able to communicate without any restrictions. This means if users of your organization join a chat or meeting organized by external federated users, then Information Barriers policies also won’t restrict communication between users of your organization.

AGAT’s Ethical Wall and DLP are the only solutions in the market that offer Real-Time Information Barriers for Teams, Webex, and Slack.

What is more, AGAT’s Ethical Wall offers flexible control over which internal groups can communicate with specific external domains. This means that you can federate with a domain partially, and only allow communication between specific groups. In short, our Ethical Wall offers the following features:

  • Granular control is offered based on groups, domains, and users and applied dynamically based on the context of the communication
  • Policies can also be applied to flexibly control the types of communication such as direct messages, file sharing, screen sharing, audio, and video
  • Policies can be applied to chat, channels, and meetings depending on participant type (employee, external, or guest)
  • What is more, it works in real-time to comply with some of the strictest regulations such as FINRA, MiFID II, and HIPAA.

Capabilities and Limitations of the Information Barrier in Microsoft Teams.

Microsoft Information Barriers works by blocking files, and messages and adding team members using customizable filters such as department, alias, and email address. Many custom filters can be set to manage the policies.

As for Information Barriers and limitations, these are the general aspects:

  • Policies can only be set using PowerShell. No UI. It can be very difficult for a compliance officer to use.
  • No control of communication with the external domain during meetings.
  • No control over external users and guests.
  • No auditing of blocked operations that can assist in training. 
  • No notification for compliance admin.
  • No granular control of specific operations such as screen sharing.
  • Policies can be set only to either block files or messages. There is no control over functionalities such as audio, video, and screen sharing.
  • If previous address book policies are present, they must be deleted before configuring.
  • Policies can take several hours to apply after configuration.

As for users that want to know how to overcome these limitations and gain extra functionality from the Information Barriers, we recommend checking out SphereShield Ethical Wall for Microsoft Teams.

SphereShield Ethical Wall for Teams is a solution that provides organizations with the ability to control information flow in Teams using granular policy controls, including restricting the communication type (audio, video, or chat messages) between specific groups of users, as well as restricting communication with external contacts. In addition, the solution offers extensive auditing and reporting capabilities to give compliance officers complete visibility into Teams communication.

How do you address risks when communicating externally?

When it comes to phishing, malware, and data leakage, Microsoft Teams is no exception. When you’re not actively using Teams or are away from your computer, Teams will send an email notification containing a link to the missed message. Threat actors can exploit these Teams features to launch phishing attacks using malicious code.

The guest access functionality in Teams could also lead to data leaks and unauthorized access. For instance, sharing files with external users or guests through channels even when it is no longer required, or continuing to provide access to Teams even after the meeting has ended, could result in data leakage or the visibility of confidential files.

Microsoft also allows third-party apps to integrate with Teams to enhance the platform’s experience, which expands the attack surface. However, these apps could also be potential entry points for unauthorized access.


Side view of beautiful positive man dressed casual sitting at dining table in kitchen and having video call over laptop with his girlfriend. on table next to laptop are glass of water and coffee.

AGAT offers a Real-Time DLP and Ethical Wall solution that will back up your information, and support audio, chat, and video during meetings using OCR to avoid data leaks even orally. Also, our DLP can limit certain file types (eg: .exe .zip) from being shared while communicating with internal and external users. Our Ethical Wall covers both, internal and external communication, so policies can be created allowing one internal team to talk to outsourced employees while blocking all the other teams.

What is more, it works in real-time to comply with some of the strictest regulations, such as FINRA, MiFID II, and HIPAA.

Contact us today to see how SphereShield can help in security, compliance, and governance on your Unified Communications platform (MS Teams, Webex, Zoom, Slack, and Skype for Business).

Categories
blog

The Importance of Audio DLP for Microsoft Teams and Webex

Businesses are gradually discovering the value of being able to track audio discussions as workplace collaboration environments get more complicated. Regulators have also raised their expectations for governance and compliance standards in DLP discovery for Microsoft Teams and Webex.

Table of contents 

  1. Data Loss Prevention for written content: the tip of the iceberg
  2. The limitations of manual voice call monitoring 
  3. Compliance regulations and audio monitoring 
  4. How to effectively apply Audio DLP for Microsoft Teams and Webex

Data Loss Prevention for written content: The tip of the iceberg

Organizations today are aware that they must guard against the malicious or unintentional disclosure of sensitive information while users are using collaboration tools such as Microsoft Teams and Webex. However, many continue to make the error of concentrating solely on written material when developing a plan for compliance and surveillance of electronic communications. DLP for written communication would include preventing sensitive data from being sent to the cloud or to external users in real time as well as gaining control over what users can share.

mt6jn8cjumHz3BU lvgDWdCI89G3tj0vZ9t1wNX3XVRludGSTly5jGlo0NOyWarsWF1TRj5e7j23q6QLZdFKTlKfyOObcJL2ynBltrABlHjV2XmIKVnkY7th2aP3kxwadpLJqj3AOiGbzfaS8pxijx5Ga7ULfgp4v98lkLIP DOew r vqWekv6Br5srWg

Despite the fact that text interactions have increased, many studies show that voice calling in Microsoft Teams and Webex continues to be the preferred way of communication for both consumers and organizations.

As a result, the majority of information exchanges take place via audio, and the figures increase even more if we take the amount of meetings held via video calls into account. In this situation, improper spoken content constitutes a serious compliance violation that can be avoided when the audio transcript stream is inspected by the Data Loss Prevention engine during conversation.

Relevant feedback is provided in real-time whenever a compliance issue is detected.

The limitations of manual voice call monitoring

Currently, personally evaluating random voice calls in MS Teams and Webex excerpts is the most thorough method of voice call monitoring.

This antiquated method makes audio reviews challenging and unreliable. First off, the proportion of communications that can be examined in this way is too low to be meaningful, frequently lacks context, and as a result, the majority of the risk is not documented. Secondly, manual reviewing requires a lot of time and effort.

Employees who act inappropriately turn to phone calls because they are aware that emails and instant messages are being monitored. Even they are aware that this is a compliance blindspot.

Compliance regulations and audio monitoring 

Businesses are being urged by regulators to upgrade their voice data inspection processes. Because of this, businesses follow sophisticated governance and compliance frameworks. Audio communication monitoring is becoming more and more popular, particularly for businesses in highly regulated industries like finance and healthcare.

One crucial aspect of overall compliance with MiFID, for instance, is the periodic monitoring and recording of every client call when they place orders or conduct transactions (legislation for financial services providers within the European Union).

Another illustration is the Financial Conduct Authority (FCA) of the United Kingdom, which has reaffirmed the requirement for firms to record all audio and video interactions, regardless of source or technology, with a focus on home offices and hybrid workplaces.

Call recording and surveillance regulations that apply to regular voice calls, emails, IM, and other electronic communications, also apply to united comms platforms. 

Audio Data Loss Prevention

These realities lead us to the conclusion that manually sifting through millions of calls to find sensitive information is a bad idea. DLP software can significantly lessen the workload in this area.

With the help of AGAT’s Data Loss Prevention for Webex and MS Teams, words are recognized and conversational context, sentence structure, and keywords are examined. In this manner, the DLP engine can identify the sharing of sensitive data.

Because AGAT’s DLP solution for MS Teams and Webex operates in real-time, it is able to do more than just automatically analyze audio; it can also identify issues right away and notify the user of policy rules using feedback popups.

See how it works:

In order for businesses to comply with required risk assessments, conduct audits, and provide staff training, the Data Loss Prevention for Webex detects policy violations after the meeting and notifies users of DLP events.

hx0qNtMkNmtHjBoMvLP3KYawqvHAvBDsXWqpBUgEo2E4XtNoeVGukM31mcPyBydqEvTmV4je1PG2IO RJf1o4IQ3H50v7 qdZJg8U 1u2s9wcgYQcSfYI

Businesses may ensure that their staff members are following best practices by using powerful speech analytics tools like AGAT’s DLP, which allows them to keep an eye on their conduct during calls.

Contact us today to get a free demo

Categories
Channel Management Microsoft Teams

AGAT Channel Management for Microsoft Teams

In September of this year, a very requested feature was added to Microsoft Teams: Shared Channels. In this blog, we’ll explain everything you need to know about them, their advantages, and their limitations. We will also deal with the question of how to merge them with regular channels.

Table of contents:

1- What is a shared channel in Teams?

2- When is it best to use shared channels, group chats, and regular channels?

3- What is the difference between a shared channel and a private channel?

4- Create a shared channel in Microsoft Teams

5- Advantages and limitations of Microsoft Teams shared channels

6-  AGAT solution: How to merge and copy shared channels? 


1-What is a shared channel in Teams?

Microsoft Teams recently launched Shared Channels. Shared channels in Microsoft Teams create collaboration spaces where you can invite people who are not in the team. 

2- When is it best to use shared channels, group chats, and regular channels?

Creating a shared channel is useful if you don’t want to give people outside of your team access to certain information. In the same way, the sensitivity labels of the host team will apply to the channel even if another team is invited to collaborate.

It may be difficult to convince seasoned users with established routines and habits.

It’s crucial to emphasize when group chats and channels should be used before we get to this point.

Use group chats when

  • You require a single conversation with several parties.
  • With the people you need to talk to, there is no team (unless creating a new team is the appropriate action)
  • Not the complete team, but a handful of people you need to share information with
  • You must immediately share links or information while in a meeting.
  • You bring up the same subject as the prior message once more.

Use Regular Teams channels when

  • You convey information to a larger team (physical team as well as Microsoft team)
  • Longer-form collaboration with multiple responses is necessary.
  • You need to upload and update files while working on projects or presentations with others.
  • You begin a new project that is only accessible to certain team members.
  • Members outside of a group chat can require access to history and files (in this case, any member of the team can access the channel activity and files)

Group chats and channels in all of the aforementioned instances support both external and guest users. As a result, a Teams admin must give permission for a member of another organization who uses Teams to join a group chat or channel.

For discussions where everyone on the team can participate, use conventional channels. When you require a focused area for work with a small set of team members, use private channels. When you need to work with others outside the team, use shared channels.

3- What is the difference between a shared channel and a private channel?

Microsoft made a public announcement about the availability of private channels for Teams at the Ignite conference in November 2019. Some people are unsure of when they should use shared, private, or regular channels for cooperation. Channels are used to create teams. There’s nothing stopping you from keeping everything in the General channel, and this can work for low-traffic teams.

You can choose channel moderators rather than merely owners, and only moderators will be able to contribute new content. The team will be in shambles if members and owners do not maintain strict discipline. A restricted area of a team that is only accessible to a portion of the team is known as a private channel. A team can have up to 30 private channels, each of which can accommodate up to 250 tenant and visitor accounts.

Managing channel membership resembles managing a team’s membership, with the exception that a person must first join the team in order to join a private channel within the team. Team owners cannot read content that is part of a private channel without joining one in order to safeguard their privacy.

UlYuyl26xUpr5COkGvz5h UbSelJRgmGFbuH2lsctookqvxhJL 5nREaNDi66k4vBcr1NqsWKboTEXKl31 82IaxZFRMtJXP5mIy3 Zunzkfh2Y dL29e1I40XSMiUAKqZHKIVi091coqE3AEafT1SNQNp7L1i2qe vnHTq4Lj1m6XbaSjtIj7Ymh8oKbQ

4- Create a shared channel in Microsoft Teams


If you wish to collaborate with people inside and outside of your team or organization, create a shared channel. When using Microsoft Teams, businesses frequently experience stress due to the proliferation of useless teams and the inability to accurately identify their constituents.

Another common issue is that businesses would like to limit file uploads to services like Team Drives, SharePoint, and OneDrive for fear that sensitive data could fall into the wrong hands.

The best way to avoid these and other problems is to restrict access to team/channel creation, member/guest addition, and file uploading.

Companies who wish to be cautious when adding Guests to their tenant, as well as those that have stringent rules about which employees can exchange files in Microsoft Teams, are two examples of the types of enterprises that often make use of governance controls.

Create a shared channel

  1. Select the More options button > Add channel option while you are in the team you want to establish the shared channel for.
NGUzVyJCoxPA6W3XsLtvLzYRDvQ J5ECiixAl8e16g 2ikdcGNL0t2vJLrvkwB eGUfW UdV4UrpczcaGc57PlhGfJyLQn08C6M8wx60zQRu0yEOKErrSamflsHrexgj 5caEJc ABYogQWWO 24JbZcQVuEoVwRjksxQF 8KEjUw8DCUMtZnuN2qKPOw
  1. Give your channel a name and a description.
  2. Select the right-hand down arrow next to Privacy, then select Shared – People you select from your org or other orgs have access. Select Create next.
PtmlqzWPVlcMmFdH4u h8 4M8w3nulEoevqcXCI2btScD2OBjMsPDNgAbQRpE3xDQnxNkuRGf i8byeTzBIjwnkD814P9e4Jae3snx kJhLb7Be 5fOTC qiZkEWqflF52q6q
  1. Enter the names of the organization members you wish to add to the channel in the text box and choose from the list. Enter their email addresses and choose from the list to add individuals from outside your organization. Next, choose Share.
2NkBWgcpRo53k5tJK9 v2KqdIZVmDrxOZLeMf6drkr ReIj4I65onfKio8GaaubYQfhzBbKBkU0Lohvfsw5
  1. By clicking the down arrow to the right of Member and selecting Owner, you can convert a Member into an Owner. Next, click Done.
uwJYRuuIuEz1MPyGYTed6HgyR8bMMdYSkdbxZp9yjvcQP8WnzW84m8QJi4nGlzQy7s3cOvXeXCl0FTRTW8bLD63nVIgWQOj8dImcq7 bFtWRgz6vemsWyZsBe UAXc3i7cao28v85TqG4gb9V u5ocHGXZBAGBLGm FBAjhUVZ3VsKObYeJFDKGDYG1T8g

5- Advantages and limitations of Microsoft Teams shared channels

Microsoft Teams is a collaboration and cooperation platform used by too many enterprises globally, and each one of them needs its Teams environment to reflect the dynamic nature of business operations.

Finding a single organization that maintains a static structure from the start, without the need for optimizations, mergers, or any other changes arising as they operate and their projects develop would be quite challenging.

Microsoft does not provide the option to rebuild Teams in order to take account of this reality, despite the fact that consumers continue to ask for a solution. When organizations add too many Teams and channels that they no longer use, their platforms can soon become bloated and need to be changed to reflect their current organizational structure.

Users can move items around quickly and according to their organization’s schedule using AGAT’s SphereShield.

Take for example a company that is engaged in the creation of a new software product. These projects are frequently completed quickly, and depending on where a feature is in its lifetime, different teams are assigned to handle different aspects of it.

How could they benefit from SphereShield’s Channel Management and Teams Governance on their journey?

6- AGAT solution:  How to merge and copy shared channels? 

Merge Channels using Channel Management

It might be challenging to manage channels in Microsoft Teams at times. That’s why it’s so important for us to discuss the security and compliance add-ons, such as DLP and making e-discovery user-friendly, as well as how we can utilize SphereShield to copy, and merge a Microsoft Teams channel.

For example the Team discovers as they continue to work that they have divided the creation of some new features into various channels. They then come to the realization that they wish to handle them as parts of a single, larger feature. As a result, they could combine those channels and preserve all the information in one location.

56K lCfVEVsp2VSRfvoz0lQ8aVTaupYF35ce wAvq6BrKWMOT8RGFSDZSShaNoXH8YE6NQMdyp3 vq37SMmWzIx0tJG04VX0S1QabNoMkONYm6cf PHMi XjCqO1cfaYVG

Copy Team Channels

Why would your company replicate a Team Channel? In essence, this would be a template channel with everything set up the way our business needs to work—with default files, folders, and a planner—plus whatever else you might want to include.

Files can be copied by selecting them, clicking on “move” or “copy,” and then choosing a different team as the destination by clicking up twice until the list of teams appears. To move files, go to the Files tab under the relevant channel.

After choosing the team and channel, click move or copy to transfer the files.

With AGAT’s Channel Management and Governance you can control Team and Channel creation. Configure who can be a Team owner, add users or guests as well as who can be a guest in external tenants. Control file upload to Teams, OneDrive and SharePoint. IT administrators may find it challenging to manage Microsoft Teams as it expands. While constraining end-user capabilities can make them turn to shadow IT, the ease with which users can create new teams can generate sprawl.

Implementing a lifecycle management strategy that enables you to keep a well-organized tenant and enables users to work effectively is the best course of action.

Here are the main features of our Teams Governance for MT so you can start creating shared channels with the necessary compliance your business needs.

Main Capabilities

✔ Specify who can create Teams and channels

✔ Give permissions as to who can add users – Internal or Guests

✔ Manage File upload permissions for both Teams, OneDrive and SharePoint

✔ Get access control by blocking users from joining other tenants

Feature List

Creation and Ownership

Users|AD Groups allowed to create Teams

Users|AD Groups allowed to create Channels

Users|AD Groups allowed to be Team owners

Adding users

Users|AD Groups allowed to add users to Teams

Users|AD Groups allowed to add Guests to Team

File Uploading

Allow files to be uploaded to MS Teams | One Drive | SharePoint*

Users|AD Groups allowed to upload files to MS Teams | One Drive | SharePoint*

*Each option is independent, meaning files can be uploaded to Teams and OneDrive but not SharePoint. Also, Independent groups can be allowed to upload Files to MS Teams | OneDrive | Sharepoint

Access control

Permit Guest Access to Other Tenants**

Block joining anonymously to meetings**

Companies that wish to be cautious when adding guests to their tenant, as well as those that have stringent rules about which employees can exchange files in Microsoft Teams, are two examples of the types of enterprises that often make use of governance controls.

Access control is one of AGAT’s supplementary features that helps ensure no employee accidentally gains Guest access to other tenants or secretly attends an external meeting. And these are great features that Microsoft Teams have not implemented yet.

To get a free trial of AGAT channel management  contact us today. Our sales team will contact you with all the information you need.