BOOK MEETING
CONTACT US
Categories
blog Ethical Wall Microsoft Teams

Ensuring Secure Collaboration with SphereShield Ethical Wall for Microsoft Teams

In today’s interconnected business environment, protecting sensitive information and ensuring secure collaboration is more critical than ever. Whether you are part of a large enterprise, a school, or a small business, maintaining control over communication and data sharing is essential. This is where the SphereShield Ethical Wall for Microsoft Teams comes into play, offering robust information barriers and dynamic policies to meet your needs. 

Understanding the Ethical Wall 

The SphereShield Ethical Wall provides comprehensive control over who can communicate with whom within your organization, using specific collaboration options. It allows administrators to apply policies on both external and internal users and groups, ensuring that sensitive information remains secure, and that communication complies with your organization’s regulations. 

Key Features of the SphereShield Ethical Wall 

1. Dynamic Policies: 

With SphereShield, you have granular control over communication-based on groups, domains, and individual users. Policies are applied dynamically, adapting to the context of each communication, and providing flexibility and precision in enforcing rules. 

2. Granular Policies: 

SphereShield allows you to control various types of communication, including direct messages, file sharing, screen sharing, audio, and video. This ensures that your organization can tailor policies to specific needs and scenarios. 

3. Policy Scopes: 

Policies can be applied to different scopes such as chat, channels, and meetings. Depending on the participant type (employee, external user, or guest), you can customize the level of access and interaction permitted. 

Typical Policies Implemented by the Ethical Wall 

Here are some common use cases where SphereShield Ethical Wall enhances security and compliance: 

Preventing HR from sharing files with non-HR members: Protect sensitive HR information by restricting file sharing to HR-only groups. 

  • Blocking the Finance Group from uploading files: Ensure that financial data remains secure by preventing uploads to OneDrive, SharePoint, or Teams. 
  • Allowing only Teachers to create new Teams: In a school setting, restrict the creation of new Teams to authorized staff, ensuring proper management and oversight. 
  • Blocking communications between finance and research groups: Maintain confidentiality and prevent conflicts of interest by blocking interactions between specific departments. 
  • Blocking desktop sharing for specific groups: Control the sharing of screens to prevent unauthorized access to sensitive information. 
  • Allowing specific users/groups to communicate externally: Manage external communication by specifying which users or groups can interact with outside parties. 

Common Problems Solved by the Ethical Wall 

The SphereShield Ethical Wall addresses several critical issues, including: 

  • Blocking file sharing across the Microsoft environment: Prevent unauthorized distribution of sensitive files. 
  • Protecting user privacy: Ensure that personal information remains confidential. 
  • Restricting third-party or outsourced companies: Manage the level of access and communication with external partners. 
  • Notifying participants about policy rules: Keep users informed about the communication policies in place to ensure compliance. 

Complete Auditing and Reporting 

SphereShield provides thorough auditing and reporting features, allowing you to monitor and obtain information on any violation attempts. This is crucial for training and raising awareness among employees about the importance of adhering to communication policies. Administrators can receive real-time notifications when incidents occur, ensuring prompt response and resolution. 

Simple and Powerful Management 

The SphereShield Ethical Wall offers a user-friendly web interface for configuring rules, making it easy for compliance administrators to set up and manage policies. Once created, rules are automatically implemented with minimal delay, ensuring that your organization always remains secure. 

Covering All Microsoft Teams Scopes 

SphereShield Ethical Wall for Microsoft Teams comprehensively covers all communication scopes, including chat, meetings, and Teams & Channels. This ensures that all areas of communication within Microsoft Teams are secured and compliant with your organization’s policies. 

Deployment Options: SaaS or On-Premise 

SphereShield Ethical Wall offers flexibility in deployment, available as a SaaS solution requiring no installation, or as an on-premise installation within your DMZ or cloud environment (Azure, AWS, etc.). This ensures that you can choose the deployment method that best suits your organization’s infrastructure and security requirements. 

Conclusion 

In conclusion, the SphereShield Ethical Wall for Microsoft Teams is a powerful tool for ensuring secure collaboration and communication within your organization. With its dynamic and granular policies, comprehensive auditing and reporting, and flexible deployment options, SphereShield provides the control and security needed to protect sensitive information and comply with internal and external regulations. By implementing SphereShield, you can confidently manage communication interactions, prevent unauthorized data sharing, and maintain the integrity and confidentiality of your organization’s information. 

Learn More

Categories
Sharepoint blog How To

SharePoint Sharing Simplified: Ensuring Secure Collaboration 

Sharepoint sharing agat

Sharing links is a fantastic feature that enables seamless file and folder sharing with just a single click. This convenience eliminates the need to attach files to emails and facilitates collaboration across various messaging apps. However, this ease of Sharepoint sharing increases the necessity for stringent control measures. That’s why Microsoft developed features to control who can share. But is that enough? 

Sharing and collaborating on documents simultaneously with colleagues is straightforward. You can request feedback and post links to help others access your content. However, this convenience comes at a price: users may unknowingly share sensitive information with unintended recipients. 

Let’s explore what actions only a SharePoint service administrator or Global Administrator can take. 

Admin – SharePoint (applied to the entire organization) 

In the External Sharing section, administrators can control who users can send links to: 

  • Anyone: Users can send links to anyone without requiring authentication. 
  • New and existing guests: Any links will be disabled, and all sharing links will require authentication. 
  • Only People in your organization: Users cannot share with people outside the organization. 
image 3

Sharing Options for Individual Users 

Administrators can manage sharing settings for individual sites by navigating to Sites -> Active Sites -> choose a site -> Sharing

Despite the various options provided by Microsoft, you cannot entirely disable the option to share links within your organization. Regardless of the settings you configure, users will always have the option to share links with others in the same organization. 

image 1

How to Disable Company Links for a Site? Only by Using PowerShell 

Even with the necessary permissions, a Site Administrator cannot restrict the use of company links through the standard sharing settings. This option can only be changed using PowerShell. 

Using PowerShell to Disable Company Links for a Site 

image
  1. Prompt for credentials: 

Powershell copy code 

$credential = Get-Credential 

  1. Connect to SharePoint Online Admin Centre: 

Powershell copy code 

Connect-SPOService -Url https://your-admin-sharepoint.com -Credential $credential 

  1. Get all site collections: 

Powershell copy code 

$sites = Get-SPOSite -Limit All 

  1. Loop through each site collection and disable sharing: 

Powershell copy code 

foreach ($site in $sites) { 

    Set-SPOSite -Identity $site.Url -DisableCompanyWideSharingLinks Disabled 

    Write-Output “Disabled sharing for site: $($site.Url)” 

By executing these steps, you restrict the use of company links, making “People you choose” the default link option. The “People in the company” option will be greyed out, preventing users from sharing company-wide links. 

image 2

In conclusion, while sharing links simplifies collaboration, it is crucial to implement proper controls to prevent unintentional sharing of sensitive information.  

Learn more 

Categories
blog Ethical Wall File Sharing/Blocking Microsoft Teams

Mastering Information Barriers: Advanced Sharing Limitations in SharePoint 

Mastering Information Barriers

Ensuring secure collaboration while safeguarding sensitive information is paramount. Microsoft offers Information Barriers to control document access, prevent unauthorized sharing, and maintain data integrity. While straightforward scenarios are well supported, some cases allow users to communicate via SharePoint documents even when set to be blocked. 
In this blog, we will explain one scenario that is not covered by Information Barriers  

Let’s delve into a scenario where Bob and Alice lack permission for a document, but Jim has access and shares it, highlighting the effectiveness of Information Barriers. 

Understanding Information Barriers 

Information Barriers in SharePoint allow organizations to control communication and collaboration between different groups of users. By defining policies, admins can restrict access to specific content based on user attributes such as department, role, or team membership. This ensures compliance and prevents conflicts of interest by enforcing segregation of duties. 

While Microsoft Information Barriers offer some controls for access management in SharePoint, it’s essential to acknowledge their limitations. One notable gap is the potential for accidental access granted between restricted users and sensitive documents. This is due to MS Teams Information barriers policy setting being too broad, only having limited sharing control such as sharing with anyone, sharing with the company, shared with a group but it does not provide granular control. 

The Scenario:

A user can share a file with members of separate groups that are blocked from communicating with each other 

The Players: 

Jim: A senior manager with access to sensitive financial reports. 

Bob and Alice: one is an investor, and the other is a researcher, and they are set not to be able to communicate with each other. 

The Incident: 

Jim needs input from both Bob and Alice on a project that involves data from the financial reports. He decides to collaborate with them by sharing the relevant document on SharePoint. Giving them access to a document that they otherwise should not have. 

He shares the file with Bob and then shares the same file with Alice. As a result, Bob and Alice have a file shared that enables them to communicate and share info on it. 

The Solution 

AGAT’s Ethical Wall /Information Barrier Enforcement validates all the users that have access to file on any permission changes event. This is done in real-time blocking the communication between Bob and Alice as explained above  Despite the attempt to share, the restricted user will be unable to access the document due to their restricted permissions. 

AGAT Information Barriers ensure that sensitive or restricted information remains protected, mitigating the risk of unauthorized access or data breaches. 

Conclusion 

AGAT’s Ethical Wall/ Information Barriers in SharePoint provide advanced sharing options that enable organizations to maintain data integrity and confidentiality. By effectively segregating users and controlling access to sensitive content, businesses can foster secure collaboration while mitigating the risk of unauthorized disclosure. Implement Information Barriers in your SharePoint environment to bolster your data protection strategies and safeguard critical information. 

Learn More