Nanddeep Nachan

Nanddeep Nachan

Microsoft MVP (M365 Apps and Services) | Consultant - M365, MS Azure, Power Platform | Speaker | Author | Blogger | Trainer | CSM

Microsoft MVP

Information Barriers in SharePoint and OneDrive

2 minute read

Information Barriers in SharePoint and OneDrive

Overview

Information barriers helps to restrict or allow users from certain segments from interacting with each other. It is a useful feature to maintain compliance across the organization.

In this article, we will define information barrier for SharePoint Online and OneDrive.

Enable Information Barriers in SharePoint and OneDrive

SharePoint Administrators or Global Administrators can enable information barriers in SharePoint Online.

Download and install the latest version of SharePoint Online Management Shell. Run below command to enable information barriers in SharePoint and OneDrive:

Set-Spotenant -InformationBarriersSuspension $false

Wait for approximately 1 hour for the changes to take effect.

Manage segments

On the Active Sites tab in SharePoint admin center, the Segments column displays the first segment associated with the site.

The segments can be managed from Policies section at an individual site.

Select the Edit to add / remove segments to SharePoint site.

PowerShell to manage segments on SharePoint site

On the PowerShell, run below command

Import-Module Az

Import-Module ExchangeOnlineManagement

Connect-AzAccount -Tenant "TENANT.onmicrosoft.com"

Connect-IPPSSession

Get-OrganizationSegment | ft Name, EXOSegmentID

Apply the segment to SharePoint site by running below command:

Connect-SPOService

Set-SPOSite -Identity <site URL> -AddInformationSegment <segment GUID>

Note: Specify OneDrive site URL to apply segment to OneDrive sites.

To get the segment associated with the site, use below command:

Set-SPOSite -Identity <site URL> | Select InformationSegment

Auditing

Below audit events are available in Office 365 audit log:

  • Segments are added to a site
  • Segments are changed on a site
  • Segments are removed from a site

Site creation and management

Below points will be applicable on the site creation and management:

  • When a segmented user creates a SharePoint site, the site is associated with the user’s segment.
  • Site owners can add more segments to the site.
  • Site owners cannot remove added segments from sites.
  • Up to 100 compatible segments can be associated with a site.
  • Segments associated with the Microsoft Team team’s members are automatically associated with the site within 24 hours.
  • SharePoint admins can’t change the segments associated with a site when the site is connected to a team.

Site sharing

Sharing a site will have below effects when a segment is associated with site:

  • Share with “Anyone with the link” option is disabled.
  • The site and its content can be shared only with users whose segment matches that of the site.
  • New users can be added to the site as site members only if their segment matches that of the site.

Summary

Information barriers helps to restrict or allow users from certain segments from interacting with each other. Segments can be applied to SharePoint and OneDrive sites to allow or restrict communication between two groups.

References

Leave a comment

You may also enjoy