0

I would like to know how many information barriers are required to prevent two teams from communicating with each other.

I am referring to two articles in the docs which, to my understanding, seem to contradict each other:

When you want to block segments from communicating with each other, you define two policies: one for each direction. Each policy blocks communication one way only.

https://learn.microsoft.com/en-us/microsoft-365/compliance/information-barriers-policies#scenario-1-block-communications-between-segments

and:

Information barriers only supports two way restrictions. One way restrictions, such as marketing can communicate with day traders, but day traders cannot communicate with marketing is not supported.

https://learn.microsoft.com/en-us/microsoft-365/compliance/information-barriers

So I guess I am asking:

Are information barrier policies:

A) one way (so you would need 2 policies to block communication between 2 Teams)?

B) two way (so you would need 1 policy to block communication between 2 Teams)?

user1063287
  • 10,265
  • 25
  • 122
  • 218

2 Answers2

0

Two information barriers are required to prevent two teams from communicating with each other.

For PowerShell cmdlets https://learn.microsoft.com/en-us/microsoft-365/compliance/information-barriers-policies?view=o365-worldwide#scenario-1-block-communications-between-segments.

Kartheek R
  • 292
  • 1
  • 4
  • This link was in my original question, can you please clarify the disparity between the two quotes and sources that *seem* to contradict each other and state why the first quote is correct but the second quote is not? – user1063287 Sep 02 '20 at 04:31
0

For applying information barrier policies. We have to do 2 steps.

  1. Create segment Segment is nothing but Active Directory attribute Department or location etc. it is group of people with applied condition.

New-OrganizationSegment -Name "HR" -UserGroupFilter "Department -eq 'HR'" New-OrganizationSegment -Name "NotSales" -UserGroupFilter "Department -ne 'Sales'"

2.Create Information barrier policy i)Oneway -if i want control one segment communicate with other segment of people

New-InformationBarrierPolicy -Name "Sales-Research" -AssignedSegment "Sales" -SegmentsBlocked "Research" -State Inactive In this example, we defined a policy called Sales-Research for a segment called Sales. When active and applied, this policy prevents people in Sales from communicating with people in a segment called Research.

ii)Two way policy - For controlling two way we need two policies to applied between the segments

segment1 ---> segment2

segment2----> segment1

Once Policy is created fallow below steps to activate

Set-InformationBarrierPolicy -Identity GUID -State Active

once it is in active state run below command to start policy application.

Start-InformationBarrierPoliciesApplication

After 30mins please check the user status

Get-InformationBarrierRecipientStatus -Identity meganb -Identity2 alexw

Kartheek R
  • 292
  • 1
  • 4