AGAT

CONTACT US
CONTACT US

Tag: microsoft teams

Categories
Microsoft Teams Security

How to Control External Meeting Communications

Screenshot 2021 09 06 113230 1

How Ethical Wall can be used to control external meeting communications in Microsoft Teams

One of the issues that businesses are now facing is blocking sensitive corporate information from being released and complying with regulations in business policies while internal users join a  meeting hosted externally with people from outside their organization. 

How can SphereShield Ethical Wall help You gain control of external meetings?

Companies can prevent people with access to high risk information files from sharing any of these files through MS Teams Channels/Chat or the file tab of a channel, using the SphereShield Ethical Wall. Restriction of file sharing can be to external users or to both external and internal users who are not part of the specific department.

Other Ethical Wall policies include: 

  • Allowing audio and video but at the same time blocking chat, file sharing and screen sharing.
  • Allowing only specific users/groups to communicate externally.

As per the demo video, we can see that Bob (internal user) and Reuvain (external user) are in a meeting. However, when Bob tries to send a chat message to Reuvain, a pop-up notification appears at the bottom corner of the screen stating that the communication was blocked due to company policy. The user will get this message every time they violate one of the Ethical Wall policy rules. Going back to the portal, in the activity auditing section the admin will be able to see all the blocked activities, why they were blocked and the users involved in the process.

While in a business meeting with external users, companies want to be in control of every message sent and all communication attempts in order to prevent important information from being leaked. Here comes the role of SphereShield’s Ethical Wall in blocking any messaging and file sharing activities based on the policies set by the company.

Contact Us today to see how SphereShield can help in security, compliance and governance on your Unified Communications platform (MS Teams, Webex, Zoom, Slack & Skype for Business).

For more information about SphereShield’s Ethical Wall for Microsoft Teams visit: https://agatsoftware.com/microsoft-teams-ethical-wall/

And check out the teams guest access checklist

Categories
DLP Microsoft Teams

Microsoft Teams DLP limitations: Controlling users when being Guests outside the organization.

MS Teams DLP

Microsoft Teams DLP limitations: Controlling users when being Guests outside the organization

Controlling your users as a Guests in other tenants on external meetings

Microsoft Data Loss Prevention is rich in features and has a very wide adoption. In this article we will address two coverage limitations: First when a user is a Guest in an external tenant, and second, when an user joins a meeting hosted by external user.

microsoft DLP policies external internal 01

Introduction


This is not the first time we are talking about Microsoft’s Data Loss Prevention (DLP) add-on for Microsoft Teams. This is the previous delivery we had talking about the issue with near-real-time DLP

Now we want to put focus on an aspect that, although could be underestimated, it can significantly increase Dala Leak issues inside organizations.

Data is not inspected when your company users are guest in another company tenant 

The problem is the following: 

Suppose company A has Data Loss Prevention policies activated for their Microsoft Teams, but company B doesn’t.

Now, an employee from company A communicates with an employee from company B as a guest.

The issue will be that the DLP won’t act when that communication happens. 

Employee from company A will be able to send messages or files that violate company’s DLP without any barriers while he is a guest in company B

Data is not inspected by MS DLP when your company users joining anonymously meeting of other companies

A very frequent problem is that if a user is joining an external meeting as anonymous, this won’t be handled by native MS DLP

DLP for external chat sessions (chat with an external user) will only work if both the sender and the receiver are in Teams Only mode and using Microsoft Team’s Native Federation.

That means that if a user is joining an external meeting , this could not be handled by native Microsoft’s Data Loss Prevention

Why is it more serious than thought

Although DLP violations inside the company are already serious enough, DLP breaches to other companies will be all the more so.

Just think about an employee sending trade secrets, insider information, or any other sensitive information to other 3rd party companies.

The solution

SphereShield for Microsoft Teams Real-Time DLP addresses the problem in a complete way. It works both internally and externally, not leaving any room for DLP violations.
In addition users can opt-in for advanced DLP features that detect issues in audio conversations in real-time, as well as DLP detection for screen-sharing using OCR.

For more information, visit 

ms teams inline dlp

ms teams compliance recording and analysis

To get a free live demo, contact us

Microsoft Teams DLP limitations: Controlling users when being Guests outside the organization

Categories
blog Case Study

The case for Archiving beyond regulation and compliance requirements.

Archiving is seen as a procedure that only applies to companies that need to follow specific regulations and compliance requirements. The IT bluder in KPMG that deleted 145,000 users’ personal chats in Microsoft Teams gives the verdict to our case.

YmZwnKf3EFQB4vT SmgzZkrR7mx 3RiJKZGvTw14UHHCZF0hTSmFb9pJmfuyZ0F8P71nAVjDke6o RdISEk64acQulKDpzyuAn VXC1OxsaGwXfpWFqqxVrw7W 1 RJDpjwY7G64

What is archiving and why isn’t it so widely spread

Archiving is another way to refer to a trustworthy “back-up” that is also legally valid, ie. in case of a trial, can be used as evidence. Archives remain on separate domains, outside the danger of being altered or deleted.

Having said that, archives are usually seen more as compliance requirements that need special infrastructure, and in simple terms, cost more.

Economic laws tend to indicate that an extra fix cost is unnecessary and therefore it is mostly regulated companies (for example banks, financial institutions, medical institutions) that widely adopt archiving software or systems.

So why isn’t archiving a part of the Unified Communications Software features?

Since archives have a great and strategic value, the issue is about risk diversification rather than technical feasibility. If one goes and gives the same UC vendor the function to archive, when one fails (which is very often) both (UC Service and archive) can fail and provoke bigger losses.

This being said, 3rd party service providers like AGAT, offer Archiving and eDiscovery for Microsoft Teams, Slack, Webex, Zoom and Skype for Business. SphereShield by AGAT works for both messages, files, audio and video, being the most complete solution that can apply eDiscovery for audio recording AI generated scripts or video sharing through special optical character recognition.

Archiving is more necessary than usually thought.

It came to the news that a human error provoked the deletion of around 145,000 users’ personal chats in Microsoft Teams in KPMG, one of the biggest corporations in the world (Get the whole story here). This error is most likely to have come with a high price tag: important data lost, necessary archives gone and the list would still go on.

The necessity to archive (as a back-up) is the millenary necessity to be ready for a rainy day. That is why people sometimes leave their umbrellas in their cars although it could be a sunny day, the benefit outweighs the costs.

It is obvious that human errors like those need to be investigated and new methodologies must emerge to prevent them, but errors will still appear.

Conclusion: archive today, thank yourself tomorrow.

The conclusion is that, unless it will be impossible to afford, archiving has to be part of every company as a standard.

It is right that also employees need to be taught to reduce the amount of crucial information that is shared throughout chats, but that comes with a parable:

It is more effective to put higher fences on a balcony than always be reminding children of how dangerous it is to climb to see what’s below.

Cases like the one in KPMG are easily solved when companies count with archiving policies and data remains safe from human mistakes.

AGAT is offering the most complete solution out there for archiving and eDiscovery that includes both written and audio/video conversations.


Contact Us to see how AGAT can help your company with archiving and eDiscovery

Get a free trial

Sign-up for a free trial and demo with an AGAT expert

    Select your service

    For support please login to our support portal

    Get in touch

    Har-Hotzvim Hi-Tech Park, Jerusalem, Israel

    +972-2-579-9123

    info@agatsoftware.com

    Facebook Twitter Youtube Linkedin

    Compliance

    Ethical Wall

    Real Time DLP

    Archive & eDiscovery

    Recording AI Compliance Analysis

    Productivity

    AI Meeting Assistant

    Channel Management

    AI Sentiment Analysis

    Privacy Policy

    Terms and Conditions

    Resources​

    Company overview

    Partners

    Careers

    Blog

    Contact

    © 2013-2023 AGAT ALL RIGHTS RESERVED