AGAT

Categories
blog Ethical Wall File Sharing/Blocking Microsoft Teams

Mastering Information Barriers: Advanced Sharing Limitations in SharePoint 

Mastering Information Barriers

Ensuring secure collaboration while safeguarding sensitive information is paramount. Microsoft offers Information Barriers to control document access, prevent unauthorized sharing, and maintain data integrity. While straightforward scenarios are well supported, some cases allow users to communicate via SharePoint documents even when set to be blocked. 
In this blog, we will explain one scenario that is not covered by Information Barriers  

Let’s delve into a scenario where Bob and Alice lack permission for a document, but Jim has access and shares it, highlighting the effectiveness of Information Barriers. 

Understanding Information Barriers 

Information Barriers in SharePoint allow organizations to control communication and collaboration between different groups of users. By defining policies, admins can restrict access to specific content based on user attributes such as department, role, or team membership. This ensures compliance and prevents conflicts of interest by enforcing segregation of duties. 

While Microsoft Information Barriers offer some controls for access management in SharePoint, it’s essential to acknowledge their limitations. One notable gap is the potential for accidental access granted between restricted users and sensitive documents. This is due to MS Teams Information barriers policy setting being too broad, only having limited sharing control such as sharing with anyone, sharing with the company, shared with a group but it does not provide granular control. 

The Scenario:

A user can share a file with members of separate groups that are blocked from communicating with each other 

The Players: 

Jim: A senior manager with access to sensitive financial reports. 

Bob and Alice: one is an investor, and the other is a researcher, and they are set not to be able to communicate with each other. 

The Incident: 

Jim needs input from both Bob and Alice on a project that involves data from the financial reports. He decides to collaborate with them by sharing the relevant document on SharePoint. Giving them access to a document that they otherwise should not have. 

He shares the file with Bob and then shares the same file with Alice. As a result, Bob and Alice have a file shared that enables them to communicate and share info on it. 

The Solution 

AGAT’s Ethical Wall /Information Barrier Enforcement validates all the users that have access to file on any permission changes event. This is done in real-time blocking the communication between Bob and Alice as explained above  Despite the attempt to share, the restricted user will be unable to access the document due to their restricted permissions. 

AGAT Information Barriers ensure that sensitive or restricted information remains protected, mitigating the risk of unauthorized access or data breaches. 

Conclusion 

AGAT’s Ethical Wall/ Information Barriers in SharePoint provide advanced sharing options that enable organizations to maintain data integrity and confidentiality. By effectively segregating users and controlling access to sensitive content, businesses can foster secure collaboration while mitigating the risk of unauthorized disclosure. Implement Information Barriers in your SharePoint environment to bolster your data protection strategies and safeguard critical information. 

Learn More

Categories
Microsoft Teams File Sharing/Blocking

How to disable / block file sharing in Microsoft Teams?

Capabilities and limitations of using Information Barriers for blocking file sharing in Microsoft Teams, SharePoint and OneDrive

In a previous post we discussed the capabilities and limitations of Microsoft Information Barriers for O365 with great detail. However, there is a simple question we wanted to address in this post.

Many people have been requesting in the Microsoft UserVoice Forum the ability to completely disable file sharing in Microsoft Teams. This comes because of, for example, heavily regulated companies that need to disable certain types of users from sharing files back and forth.
These users can be external employees, guests, teams with very sensitive data (financial), or even governmental institutions with strict restrictions.

What is a little more complicated, is that Microsoft Teams is deeply integrated with SharePoint (for channels) and OneDrive (for chats), meaning that if a user wants to really deny filesharing for another user/group/team, that user will need to do it on the 3 channels.

Otherwise, it won’t be completely solved since the user will be able to get to SharePoint or OneDrive directly and do it

The diagram below shows how Microsoft Teams, SharePoint and OneDrive are related one to the other when it comes to file sharing

How to block file sharing in Microsoft Teams? 

So everything points to Information Barriers, the add-on Microsoft offers for compliance on their platform. 

Information Barriers has some very important features like blocking adding members to teams, blocking chats or blocking placing calls. It also has file blocking capabilities for SharePoint and OneDrive

On one hand admins can control file sharing between groups in SharePoint and OneDrive with Information Barriers for One drive and Information barriers for SharePoint.

On the other hand this does not block sharing these files in MS Teams.

The reason is that it really comes to what is the purpose of Microsoft teams.

Since Teams was built for collaboration purposes only where file sharing is the backbone of it, blocking file sharing in SharePoint or OneDrive will be of no effect for Teams.

The solution to block file sharing in Microsoft Teams

AGAT Software has developed an easy, yet powerful way to block file sharing (and other things) on Microsoft Teams.

SphereShield Ethical wall controls both upload and share operations in Teams channels, Teams chat, SharePoint and OneDrive

SphereShield can prevent a specific group that has access to financial data from being able to upload files to the cloud through any platform- MS Teams channels/Chat or the file tab of a channel of going directly to SharePoint to OneDrive

Another user case is that companies would like to restrict sharing files from one department only to users in that department. For example, HR content would be allowed only to share with other HR members but not with anyone that is not a member of HR


It’s called the Ethical Wall. The name comes because instead of creating a rigid firewall where nothing is allowed, it allows to decide which users/groups/teams/domains are not allowed to share files / write messages / do calls / share video with whom.

The possibilities are endless and everything is set up on a simple and intuitive dashboard.

For more information and to get a free live demo, contact us today