Back

Information Barriers in Microsoft Purview

By design Microsoft 365 enables communication and collaboration across groups of users and organizations In the same light it provides ways through...

6 min read
Published on May 24, 2022
information-barriers-microsoft-purview

By design, Microsoft 365 enables communication and collaboration across groups of users and organizations. In the same light, it provides ways through which administrators can restrict communication and collaboration between different groups of users when necessary. Scenarios where this restriction is necessary to include when one might need to restrict communication and collaboration between different groups to avoid conflict of interest. Similarly, when the administrator intends to safeguard internal information, they might leverage said restriction. Microsoft Purview Information Barriers (IBs) are policies in place configured by an administrator to prevent individuals from collaborating or communicating with each other.

The IBs are supported in Microsoft Teams, SharePoint Online, and OneDrive for Business. Often, we see the compliance administrator or IB administrator be in charge of defining these policies in a bid to either allow or prevent communications between groups of users. Within Microsoft Teams, IBs can determine and prevent a few unauthorized collaborations. These include adding a user to a team or channel, user access to meetings, user access to 1:1 and group chats, and access to team or channel content.

Background of Information Barriers

IBs have their origin in the financial services industry. The Financial Industry Regulatory Authority (FINRA) reviews IBs and conflicts of interest within member firms. The authority provides guidance on managing such conflicts within the financial sector.

After the introduction of IBs, other industries have found these policies beneficial. For instance, within the education industry, students from one school aren’t able to look up contact details of students from other schools. Users in the legal field can use IBs to maintain the confidentiality of data from the different clients. The government can also utilize IBs to access and control information across the different departments. Finally, within professional services, the organization can group people based on their permission and authorization to access information.

Altogether, you use IBs when a team wants to prevent communication or data sharing with the other team. Additionally, the IBs come in handy when the administrator doesn’t want to communicate or share data with anyone else. You require an Information Barrier Policy Evaluation Service to determine whether the communication within your organization complies with IB policies. Note that before you set or define these policies, you’ve got to enable scoped directory search in Microsoft Teams. The IBs administrator role is responsible for managing these policies. On Teams, IB policies activate if:

Newly Added Team Members

The moment you add a user to an existing team, you must evaluate the user’s policy against the preexisting IB policies. Once a user is successfully added, they can proceed to perform all functions within the team without having to conduct further checks.

New Chat Requests

The moment a user requests a new chat with other users, the chat needs evaluation to ensure that it doesn’t violate the preexisting IB policies. The conversation stops when the chat is flagged as being in violation of the IB policy.

Inviting a User to Join a Meeting 

The IB policy takes effect once a user receives an invitation to join a meeting. This new user has to be evaluated against the IB policies in place to decide whether or not they should be allowed to join the meeting.

A Shared Screen Between Users

When users share a screen, this sharing must receive an evaluation to ensure that it doesn’t violate IB policies.

Required Licenses and Permissions 

Before you start with IBs, you first have to confirm your Microsoft 365 subscription and additional add-ons that you’ve got. To access and use IB, here’s what you need:

Altogether, these provide the rights for a user to benefit from Information Barriers.

Known Issues for Information Barriers in

Microsoft Purview

a video not blocked by information barriers in Microsoft Purview

Users Can’t Join Ad-Hoc Meetings 

Once enabling your IB policies, you might encounter an issue where users can’t join ad-hoc meetings. This happens when the size of the meeting roster is greater than the meeting attendance limits.

Users Can’t Join Channel Meetings 

If IB policies are in place, users might not be allowed to join channel meetings if they are not team members. What happens is the moment a user requests to join a channel meeting, IB checks to show if they can be added to a meeting chat rooster. The reverse occurs without IB policies enabled for the organization. If a non-team member attempts to join a channel meeting, the user can join the meeting.

IB Policies Don’t Work for Federated Users 

If you allow federation with external organizations, IB policies do not restrict users within these organizations. Additionally, if users of the organization join a chat or meeting organized by external federated users, IB policies might not apply. Specifically, there won’t be any restriction on communications between users in your organization.

Managing Microsoft Purview Information Barriers

As there are a couple of issues you are likely to experience, you’ve got to be open to consistently making changes to the policies. Consider this the most logical step after defining IB policies. Collectively, consider managing your IBs including troubleshooting and regular maintenance.

Note that the management of the IBs is the responsibility of your IB compliance management, who can then edit user account attributes, set policies on inactive statues, remove a policy or stop a policy application.

Microsoft Purview IBs provides a central and unified solution for data governance. It allows your organization to create a holistic, up-to-date map of your data landscape. Besides, your administrators can better manage and secure your data estate. Think of it this way, while Purview brings governance and compliance under one umbrella, IBs ensure easier management of all the different facets therein. These IBs help with comprehensive management, control, and protection of your data.

Overall, while IBs have their origin in the finance sector, it now benefits a myriad of industries. Whether it is an internal team with trade secrets who shouldn’t communicate online or a research team that should only call or chat online with a specific department, your organization should benefit from having some control over information sharing.

Learn More About Information Barriers in Microsoft Purview

Agile IT helps meet the needs of highly regulated industries in Microsoft 365 and Azure. To find out how you can meet the regulatory needs of your industry with the license you already have, please request a quote.

Related Posts

Risks of not using a CMMC RPO

The Risks of Not Using a CMMC RPO for Compliance and Certification Readiness

A CMMC RPO helps organizations prepare for certification and avoid compliance failures. Learn why working with an RPO is essential for achieving CMMC compliance.

Mar 20, 2025
8 min read
CMMC 2.0 Require GCC High for Compliance

Does CMMC 2.0 Require GCC High for Compliance?

Does CMMC 2.0 require GCC High? Learn the cloud options for compliance, data security, and protecting CUI under NIST 800-171 and DFARS.

Mar 17, 2025
10 min read
Office 365 License Comparison: Business Plans Vs. E5, E3 and E1

CMMC RPO vs a C3PAO: Understanding Their Roles in Compliance

Understanding the difference between an RPO and a C3PAO is crucial for CMMC compliance. Learn why they should be separate and how an RPO helps prepare for certification.

Mar 15, 2025
6 min read
Can You Meet CMMC with Google Workspace?

Can You Meet CMMC with Google Workspace?

Is Google Workspace CMMC compliant? Learn about its DFARS, NIST 800-171, and ITAR limitations and how migrating to GCC High ensures full compliance.

Mar 4, 2025
7 min read
Is Maintaining a GCC High Tenant Worth It for Non-Government

Evaluating the Need for a GCC High Tenant in Non-Government Organizations

Explore whether maintaining a GCC High tenant is necessary for organizations not involved in government work. Understand the pros and cons, costs, and compliance considerations.

Feb 25, 2025
7 min read
Top 10 Reasons to Partner with an MSP for Security and Compliance

Top 10 Reasons to Partner with an MSP for Security and Compliance

Discover why partnering with an MSP for security and compliance is critical for organizations navigating FAR CUI and CMMC requirements.

Feb 21, 2025
8 min read

Ready to Secure and Defend Your Data
So Your Business Can Thrive?

Fill out the form to see how we can protect your data and help your business grow.

Loading...
Secure. Defend. Thrive.

Let's start a conversation

Discover more about Agile IT's range of services by reaching out.

Don't want to wait for us to get back to you?

Schedule a Free Consultation

Location

Agile IT Headquarters
4660 La Jolla Village Drive #100
San Diego, CA 92122

Secure. Defend. Thrive.

Don't want to wait for us to get back to you?

Discover more about Agile IT's range of services by reaching out

Schedule a Free Consultation