Information Barriers: Teams

Information Barriers (IBs) in Microsoft Teams

Information Barriers (IBs) in Microsoft Teams ensure secure communication by restricting users or groups from interacting based on organizational policies. Administrators configure IBs through Microsoft Purview, applying rules that align with compliance and business needs. These policies determine who can access Teams channels, participate in chats, or join meetings, ensuring sensitive data stays within authorized boundaries.

Key Functions of IBs in Teams

  1. Controlled Communication:

    • Blocks unauthorized user additions to teams and channels.

    • Restricts access to 1:1 and group chats based on policy compliance.

  2. Meeting Restrictions:

    • Evaluates participant access before allowing users to join meetings.

    • Monitors screen-sharing to ensure it complies with IB rules.

  3. Visibility and Discovery Control:

    • Prevents restricted users from appearing in people picker, contact lists, and org charts.

    • Blocks specific actions (like chats) if policies are violated.

  4. Guest Management:

    • Manages external guest access under IB policies for secure collaboration.

Operational Modes

  • Open Mode: Default for existing teams, without enforced restrictions.

  • Implicit Mode: Applies to new teams, ensuring only approved users join.

  • Owner Moderated Mode: Enables limited collaboration across segments under owner supervision.

Policy Changes and Impact on Users

When policies are modified, IBs automatically re-evaluate memberships. For example, if users no longer meet policy criteria, they lose access to chats, which become read-only, and they may be removed from teams or groups. Meeting participation is similarly restricted if policies change mid-engagement.

Use Cases and Benefits

  • Finance: Ensures compliance with regulations by preventing unauthorized communication between departments (e.g., advisory and trading teams).

  • Law Firms: Enforces ethical walls between lawyers handling different clients.

  • Education: Segregates students from different institutions or groups.

  • Government: Limits inter-departmental communication based on classification.

Technical Considerations

  • Scoped Directory Search: Must be enabled to ensure IB policies function correctly.

  • Cross-Tenant Restrictions: IBs apply only within a tenant; federated users are not impacted.

  • Teams and SharePoint Integration: IBs extend to connected SharePoint sites but need additional setup for compliance.

PreviousInformation Barriers: OneDriveNextSecurity Control References

Last updated