Successfully reported this slideshow.
We use your LinkedIn profile and activity data to personalize ads and to show you more relevant ads. You can change your ad preferences anytime.

of

Information Barriers in MS Teams Slide 1 Information Barriers in MS Teams Slide 2 Information Barriers in MS Teams Slide 3 Information Barriers in MS Teams Slide 4 Information Barriers in MS Teams Slide 5 Information Barriers in MS Teams Slide 6 Information Barriers in MS Teams Slide 7 Information Barriers in MS Teams Slide 8 Information Barriers in MS Teams Slide 9 Information Barriers in MS Teams Slide 10 Information Barriers in MS Teams Slide 11 Information Barriers in MS Teams Slide 12 Information Barriers in MS Teams Slide 13 Information Barriers in MS Teams Slide 14 Information Barriers in MS Teams Slide 15 Information Barriers in MS Teams Slide 16 Information Barriers in MS Teams Slide 17 Information Barriers in MS Teams Slide 18 Information Barriers in MS Teams Slide 19 Information Barriers in MS Teams Slide 20 Information Barriers in MS Teams Slide 21 Information Barriers in MS Teams Slide 22 Information Barriers in MS Teams Slide 23 Information Barriers in MS Teams Slide 24 Information Barriers in MS Teams Slide 25 Information Barriers in MS Teams Slide 26 Information Barriers in MS Teams Slide 27 Information Barriers in MS Teams Slide 28 Information Barriers in MS Teams Slide 29 Information Barriers in MS Teams Slide 30 Information Barriers in MS Teams Slide 31 Information Barriers in MS Teams Slide 32 Information Barriers in MS Teams Slide 33 Information Barriers in MS Teams Slide 34 Information Barriers in MS Teams Slide 35 Information Barriers in MS Teams Slide 36 Information Barriers in MS Teams Slide 37 Information Barriers in MS Teams Slide 38 Information Barriers in MS Teams Slide 39 Information Barriers in MS Teams Slide 40 Information Barriers in MS Teams Slide 41 Information Barriers in MS Teams Slide 42 Information Barriers in MS Teams Slide 43 Information Barriers in MS Teams Slide 44 Information Barriers in MS Teams Slide 45 Information Barriers in MS Teams Slide 46 Information Barriers in MS Teams Slide 47 Information Barriers in MS Teams Slide 48 Information Barriers in MS Teams Slide 49 Information Barriers in MS Teams Slide 50
Upcoming SlideShare
What to Upload to SlideShare
Next
Download to read offline and view in fullscreen.

0 Likes

Share

Download to read offline

Information Barriers in MS Teams

Download to read offline

Information Barriers in MS Teams, SharePoint, and OneDrive for Business

Related Books

Free with a 30 day trial from Scribd

See all

Related Audiobooks

Free with a 30 day trial from Scribd

See all
  • Be the first to like this

Information Barriers in MS Teams

  1. 1. @indiacloudsec #ICSS202 @indiacloudsec #ICSS2021 Presented By Microsoft 365 , Power Platform & Cloud Security India User group
  2. 2. @indiacloudsec #ICSS202 SPEAKERS PANEL Information Barriers in MS Teams Track 1 (Microsoft 365 Security) Session Time: 1:30 PM to 2:30 PM IST Nanddeep Nachan Smita Nachan Microsoft MVP, MCT Microsoft MVP, MCT Session No. 33672
  3. 3. @indiacloudsec #ICSS202 Agenda • Information Barriers in Microsoft 365 • Information Barriers Configurations • Segment the users • Define Information Barrier Policies • Information Barriers in MS Teams • Information Barriers in SharePoint and OneDrive
  4. 4. @indiacloudsec #ICSS202 Office 365 Consultant Speaker | Author | Blogger Nanddeep Nachan • Pune, India • Twitter Handle: @NanddeepNachan • LinkedIn: /in/NanddeepNachan • Microsoft MVP, MCT • SharePoint, Microsoft 365, MS Azure
  5. 5. @indiacloudsec #ICSS202 Office 365 Consultant Speaker | Author | Blogger Smita Nachan • Pune, India • Twitter Handle: @SmitaNachan • LinkedIn: /in/SmitaNachan • Microsoft MVP, MCT • SharePoint, Microsoft 365
  6. 6. @indiacloudsec #ICSS202 Information Barriers in Microsoft 365
  7. 7. @indiacloudsec #ICSS202 Information Barriers (IB) in Microsoft 365 • Allow or prevent communications between groups of users • Supported in Microsoft Teams, SharePoint Online, and OneDrive for Business. Image Reference: https://docs.microsoft.com/en-us/microsoftteams/information-barriers-in-teams
  8. 8. @indiacloudsec #ICSS202 • Trader group x Marketing team • Financial organizations • Trade secret material • Banking sector • Sales and Research • Education • Legal firm • Government • Professional services Information Barriers Scenarios
  9. 9. @indiacloudsec #ICSS202 Determine and prevent the following kinds of unauthorized communications: • Searching for a user • Adding a member to a team • Starting a chat session with someone • Starting a group chat • Inviting someone to join a meeting • Sharing a screen • Placing a call • Sharing a file with another user • Access to file through sharing link What happens with IB in MS Teams?
  10. 10. @indiacloudsec #ICSS202 Determine and prevent the following kinds of unauthorized collaborations: • Adding a member to a site • Accessing site or content by a user • Sharing site or content with another user • Searching a site What happens with IB in SharePoint Online and OneDrive?
  11. 11. @indiacloudsec #ICSS202 Use Case: Sales - Research - HR
  12. 12. @indiacloudsec #ICSS202 Information Barriers Configurations
  13. 13. @indiacloudsec #ICSS202 Configure information barriers for Microsoft 365 Configure prerequisites and permissions Segment users in your organization Create and configure information barrier policies Apply information barrier policies
  14. 14. @indiacloudsec #ICSS202 Information barriers are included in below subscriptions: • Microsoft 365 E5/A5 • Office 365 E5/A5 • Office 365 Advanced Compliance • Microsoft 365 Compliance E5/A5 • Microsoft 365 Insider Risk Management 1. Required licenses Configure prerequisites and permissions
  15. 15. @indiacloudsec #ICSS202 To define or edit information barrier policies, you must be assigned one of the following roles: • Microsoft 365 global administrator • Office 365 global administrator • Compliance administrator • IB Compliance Management 2. Required permissions Configure prerequisites and permissions
  16. 16. @indiacloudsec #ICSS202 Organization’s structure must be reflected in Azure AD : 3.1. Attributes for information barrier policies 3.2 Add or update a user's profile information using Azure Active Directory 3. Directory Data Configure prerequisites and permissions
  17. 17. @indiacloudsec #ICSS202 List of attributes: 3.1. Attributes for IB policies Configure prerequisites and permissions
  18. 18. @indiacloudsec #ICSS202 Organization’s structure must be reflected in Azure AD : 3.2. Use Profile info in AAD Configure prerequisites and permissions Use PowerShell to change properties of user accounts: Set-AzureADUser
  19. 19. @indiacloudsec #ICSS202 Enable scoped directory search in Microsoft Teams 4. Scoped directory search Configure prerequisites and permissions Wait for 24 hours
  20. 20. @indiacloudsec #ICSS202 • EXO license for the target user 5. EXO license Configure prerequisites and permissions • Must be turned ON • https://compliance.microsoft.com/auditlogsearch 6. Audit logging
  21. 21. @indiacloudsec #ICSS202 • Make sure NO Exchange address book policies are in place 7. No address book policies Configure prerequisites and permissions • Install-Module -Name Az • Install-Module ExchangeOnlineManagement • Connect-AzAccount -Tenant "TENANT.onmicrosoft.com" • Connect-IPPSSession 8. PowerShell Modules
  22. 22. @indiacloudsec #ICSS202 9. Admin consent for IB in MS Teams Configure prerequisites and permissions PowerShell Connect-AzAccount -Tenant "<tenant>.onmicrosoft.com" $appId = "bcf62038-e005-436d-b970-2a472f8c1982" $sp = Get-AzureADServicePrincipal -Filter "appid eq '$($appid)'" if ($sp -eq $null) { New-AzureADServicePrincipal -ApplicationId $appId } Start-Process "https://login.microsoftonline.com/common/adminconsent?client_id=$appId"
  23. 23. @indiacloudsec #ICSS202 Segment the users
  24. 24. @indiacloudsec #ICSS202 • Determine policies • List down policies • "Block" policies • "Allow" policies • Identify segments • List down segments • Plan segments • A user can only be in one segment • Each segment can have only one information barrier policy applied • Determine AAD attribute to define segments Segment users Segment users in your organization
  25. 25. @indiacloudsec #ICSS202 Use Case: Sales - Research - HR Based on the Department attribute, we will define 3 segments: 1. HR segment 2. Sales segment 3. Research segment
  26. 26. @indiacloudsec #ICSS202 Define HR Segment Segment users in your organization
  27. 27. @indiacloudsec #ICSS202 Define Sales Segment Segment users in your organization
  28. 28. @indiacloudsec #ICSS202 Define Research Segment Segment users in your organization
  29. 29. @indiacloudsec #ICSS202 Define Information Barrier Policies
  30. 30. @indiacloudsec #ICSS202 • Block communications between segments • Allow a segment to communicate only with one other segment Define IB Policies Define information barrier policies
  31. 31. @indiacloudsec #ICSS202 Use Case: Sales - Research - HR Based on the segments, we will define 3 policies: 1. Sales Research 2. Research Sales 3. HR Research Sales
  32. 32. @indiacloudsec #ICSS202 Policy# 1: Sales Research Define IB policies
  33. 33. @indiacloudsec #ICSS202 Policy# 2: Research Sales Define IB policies
  34. 34. @indiacloudsec #ICSS202 Policy# 3: HR Sales, Research Define IB policies
  35. 35. @indiacloudsec #ICSS202 See all Information barrier policies Define IB policies
  36. 36. @indiacloudsec #ICSS202 Activate IB policies Define IB policies Wait for 30 minutes for the system to start applying the policies.
  37. 37. @indiacloudsec #ICSS202 Apply active IB policies in the Microsoft 365 compliance center Define IB policies
  38. 38. @indiacloudsec #ICSS202 View application status of IB Define IB policies
  39. 39. @indiacloudsec #ICSS202 Test Information Barrier Policies in MS Teams
  40. 40. @indiacloudsec #ICSS202 Information Barrier Policies in SharePoint and OneDrive
  41. 41. @indiacloudsec #ICSS202 Enable IB in SharePoint and OneDrive PowerShell Set-Spotenant -InformationBarriersSuspension $false Wait for 1 hour
  42. 42. @indiacloudsec #ICSS202 Manage Segments
  43. 43. @indiacloudsec #ICSS202 PowerShell to manage segments on SharePoint site PowerShell # Import modules Import-Module Az Import-Module ExchangeOnlineManagement Connect-AzAccount -Tenant "TENANT.onmicrosoft.com" Connect-IPPSSession # Get the segments Get-OrganizationSegment | ft Name, EXOSegmentID # Apply the segment to SharePoint / OneDrive site Connect-SPOService Set-SPOSite -Identity <site URL> -AddInformationSegment <segment GUID>
  44. 44. @indiacloudsec #ICSS202 Audit events available in Office 365 audit logs: • Segments are added to a site • Segments are changed on a site • Segments are removed from a site Auditing
  45. 45. @indiacloudsec #ICSS202 • When a segmented user creates a SharePoint site, the site is associated with the user's segment. • Site owners can add more segments to the site. • Site owners cannot remove added segments from sites. Site creation and management
  46. 46. @indiacloudsec #ICSS202 Segments associated with Microsoft Teams sites • Segments associated with the Microsoft Team team's members are automatically associated with the site within 24 hours. • SharePoint admins can't change the segments associated with a site when the site is connected to a team.
  47. 47. @indiacloudsec #ICSS202 Site Sharing When a segment is associated with a site: • Share with "Anyone with the link" option is disabled. • The site and its content can be shared only with users whose segment matches that of the site. • New users can be added to the site as site members only if their segment matches that of the site. When a site has no segments associated: • The site and its contents can be shared based on the information barrier policy applied to the user.
  48. 48. @indiacloudsec #ICSS202 References
  49. 49. @indiacloudsec #ICSS202 References • https://docs.microsoft.com/en-us/microsoft- 365/compliance/information-barriers • https://docs.microsoft.com/en-us/MicrosoftTeams/information-barriers- in-teams • https://docs.microsoft.com/en-us/onedrive/information-barriers • https://docs.microsoft.com/en-us/sharepoint/information-barriers
  50. 50. @indiacloudsec #ICSS202 Thank You Sponsors!

Information Barriers in MS Teams, SharePoint, and OneDrive for Business

Views

Total views

73

On Slideshare

0

From embeds

0

Number of embeds

0

Actions

Downloads

2

Shares

0

Comments

0

Likes

0

×