Updates from: 02/03/2021 04:11:37
Service Microsoft Docs article Related commit history on GitHub Change details
SharePoint https://docs.microsoft.com/en-us/SharePoint/info-barriers-report https://github.com/MicrosoftDocs/OfficeDocs-SharePoint/commits/live/SharePoint/SharePointOnline/info-barriers-report.md
@@ -1,9 +1,10 @@
Title: "Create an information barriers policy compliance report"
+description: "Learn how to find noncompliant sites after information barriers policies change."
+++ --- audience: Admin f1.keywords: - NOCSH
@@ -15,13 +16,13 @@ search.appverid:
- BSA160 - GSP150 - MET150
-description: "Learn how to find noncompliant sites after information barriers policies change."
# Create an information barriers policy compliance report
-If a compliance administrator changes an information barriers policy, the change might affect the compatibility of segments already associated with a site.
-For example, a policy might allow communication and collaboration between the Sales and Research segments. Later, the policy might not allow communication and collaboration between these segments. The segments are incompatible and shouldn't be associated with the same site.
+If a compliance administrator changes an information barriers policy, the change might affect the compatibility of segments already associated with a site.
+
+For example, a policy might allow communication and collaboration between the Sales and Research segments. Later, the policy might not allow communication and collaboration between these segments. The segments are incompatible and shouldn't be associated with the same site.
The SharePoint information barriers policy compliance report lets SharePoint admins view the list of sites that are noncompliant with the updated policy. The report covers these sites:
@@ -30,7 +31,7 @@ The SharePoint information barriers policy compliance report lets SharePoint adm
- Modern team sites that aren't connected to Microsoft 365 groups - OneDrive
-The report displays the list of sites that are noncompliant. For each noncompliant site, it shows compatible segments, incompatible segments, and invalid segments (those that no longer exist)
+The report displays the list of sites that are noncompliant. For each noncompliant site, it shows compatible segments, incompatible segments, and invalid segments (those segments that no longer exist)
If a OneDrive is noncompliant, the report lets you remove other segments so that only the user's segment is associated with the OneDrive.
@@ -42,16 +43,16 @@ If a OneDrive is noncompliant, the report lets you remove other segments so that
1. [Download the latest SharePoint Online Management Shell](https://go.microsoft.com/fwlink/p/?LinkId=255251). > [!NOTE]
- > If you installed a previous version of the SharePoint Online Management Shell, go to Add or remove programs and uninstall "SharePoint Online Management Shell." <br>On the Download Center page, select your language and then click the Download button. You'll be asked to choose between downloading a x64 and x86 .msi file. Download the x64 file if you're running the 64-bit version of Windows or the x86 file if you're running the 32-bit version. If you don't know, see [Which version of Windows operating system am I running?](https://support.microsoft.com/help/13443/windows-which-operating-system). After the file downloads, run it and follow the steps in the Setup Wizard.
+ > If you installed a previous version of the SharePoint Online Management Shell, go to Add or remove programs and uninstall "SharePoint Online Management Shell". <br>On the Download Center page, select your language and then click the Download button. You'll be asked to choose between downloading a x64 and x86 .msi file. Download the x64 file if you're running the 64-bit version of Windows or the x86 file if you're running the 32-bit version. If you don't know, see [Which version of Windows operating system am I running?](https://support.microsoft.com/help/13443/windows-which-operating-system). After the file downloads, run it and follow the steps in the Setup Wizard.
2. Connect to SharePoint Online as a [global admin or SharePoint admin](/sharepoint/sharepoint-admin-role) in Microsoft 365. To learn how, see [Getting started with SharePoint Online Management Shell](/powershell/sharepoint/sharepoint-online/connect-sharepoint-online).
-
+ 3. Run the following command to build the report: ```PowerShell Start-SPOInformationBarriersPolicyComplianceReport ```
-
+ Or, to automatically update any noncompliant OneDrive accounts when you build the report, run: ```PowerShell
SharePoint https://docs.microsoft.com/en-us/SharePoint/information-barriers https://github.com/MicrosoftDocs/OfficeDocs-SharePoint/commits/live/SharePoint/SharePointOnline/information-barriers.md
@@ -1,9 +1,10 @@
Title: "Use information barriers with SharePoint"
+description: "Learn about associating segments with a site, and what happens when segments are associated with a site."
+++ --- audience: Admin f1.keywords: - NOCSH
@@ -15,12 +16,11 @@ search.appverid:
- BSA160 - GSP150 - MET150
-description: "Learn about associating segments with a site, and what happens when segments are associated with a site."
# Use information barriers with SharePoint
-Information barriers are policies in Microsoft 365 that a compliance admin can configure to prevent users from communicating and collaborating with each other. This is useful if, for example, one division is handling information that shouldn't be shared with specific other divisions, or a division needs to be prevented, or isolated, from collaborating with all users outside of the division. Information barriers are often used in highly regulated industries and those with compliance requirements, such as finance, legal, and government. [Learn more about information barriers](/microsoft-365/compliance/information-barriers).
+Information barriers are policies in Microsoft 365 that a compliance admin can configure to prevent users from communicating and collaborating with each other. This solution is useful if, for example, one division is handling information that shouldn't be shared with specific other divisions, or a division needs to be prevented, or isolated, from collaborating with all users outside of the division. Information barriers are often used in highly regulated industries and those organizations with compliance requirements, such as finance, legal, and government. [Learn more about information barriers](/microsoft-365/compliance/information-barriers).
The following image illustrates three segments in an organization: HR, Sales, and Research. An information barrier policy has been defined that blocks communication and collaboration between the Sales and Research segments. These segments are incompatible.
@@ -28,7 +28,7 @@ The following image illustrates three segments in an organization: HR, Sales, an
With SharePoint information barriers, a SharePoint or global admin can associate segments to a site to prevent the site from being shared with or accessed by users outside the segments. Up to 100 compatible segments can be associated with a site. The segments are associated at the site level (previously called site collection level). The Microsoft 365 group connected to the site is also associated with the site's segment.
-In the above example, the HR segment is compatible with both Sales and Research. However, because the Sales and Research segments are incompatible, they can't be associated with the same site.
+In the above example, the HR segment is compatible with both Sales and Research. However, because the Sales and Research segments are incompatible, they can't be associated with the same site.
## Prerequisites
@@ -63,7 +63,7 @@ To edit the segments associated with the site, select **Edit**, add or remove se
Get-OrganizationSegment | ft Name, EXOSegmentID ```
-3. Save the list of segments.
+3. Save the list of segments.
|Name |EXOSegmentId | |||
@@ -74,30 +74,30 @@ To edit the segments associated with the site, select **Edit**, add or remove se
4. [Download the latest SharePoint Online Management Shell](https://go.microsoft.com/fwlink/p/?LinkId=255251). > [!NOTE]
- > If you installed a previous version of the SharePoint Online Management Shell, go to Add or remove programs and uninstall "SharePoint Online Management Shell." <br>On the Download Center page, select your language and then click the Download button. You'll be asked to choose between downloading a x64 and x86 .msi file. Download the x64 file if you're running the 64-bit version of Windows or the x86 file if you're running the 32-bit version. If you don't know, see [Which version of Windows operating system am I running?](https://support.microsoft.com/help/13443/windows-which-operating-system). After the file downloads, run it and follow the steps in the Setup Wizard.
+ > If you installed a previous version of the SharePoint Online Management Shell, go to Add or remove programs and uninstall "SharePoint Online Management Shell". <br>On the Download Center page, select your language and then click the Download button. You'll be asked to choose between downloading a x64 and x86 .msi file. Download the x64 file if you're running the 64-bit version of Windows or the x86 file if you're running the 32-bit version. If you don't know, see [Which version of Windows operating system am I running?](https://support.microsoft.com/help/13443/windows-which-operating-system). After the file downloads, run it and follow the steps in the Setup Wizard.
5. Connect to SharePoint Online as a [global admin or SharePoint admin](/sharepoint/sharepoint-admin-role) in Microsoft 365. To learn how, see [Getting started with SharePoint Online Management Shell](/powershell/sharepoint/sharepoint-online/connect-sharepoint-online).
-
+ 6. Run the following command: ```PowerShell Set-Sposite -Identity <site URL> -AddInformationSegment <segment GUID> ```
- Example:
- Set-SPOSite -Identity https:<i></i>//contoso<i></i>.sharepoint<i></i>.com/sites/ResearchTeamSite
+ Example:
+ Set-SPOSite -Identity https:<i></i>//contoso<i></i>.sharepoint<i></i>.com/sites/ResearchTeamSite
-AddInformationSegment 27d20a85-1c1b-4af2-bf45-a41093b5d111
-An error will appear if you attempt to associate a segment that isn't compatible with the siteΓÇÖs existing segments.
+An error will appear if you attempt to associate a segment that isn't compatible with the site's existing segments.
To remove segment from a site, run the following command. ```PowerShell Set-Sposite -Identity <site URL> -RemoveInformationSegment <segment GUID>
- ```
+ ```
Example: Set-SPOSite -Identity https:<i></i>//contoso<i></i>.sharepoint<i></i>.com/sites/ResearchTeamSite --RemoveInformationSegment 27d20a85-1c1b-4af2-bf45-a41093b5d111
+-RemoveInformationSegment 27d20a85-1c1b-4af2-bf45-a41093b5d111
## Segments associated with Microsoft Teams sites
@@ -121,15 +121,15 @@ When a segment is associated with a site:
- The option to share with "Anyone with the link" is disabled. - The site and its content can be shared only with users whose segment matches that of the site. For example, if a site is associated with only HR, the site can be shared with other HR users only (even though HR is compatible with both Sales and Research).-- New users can be added to the site as site members only if their segment matches that of the site.
+- New users can be added to the site as site members only if their segment matches that of the site.
-When a site has no segments associated:
+When a site has no segments associated:
-- The site and its contents can be shared based on the information barrier policy applied to the user. For example, if a user in HR is allowed to communicate with users in Research, the user will be able to share the site with those users.
+- The site and its contents can be shared based on the information barrier policy applied to the user. For example, if a user in HR is allowed to communicate with users in Research, the user will be able to share the site with those users.
## Access to sites that have segments associated
-For a user to access a SharePoint site that segments associated:
+For a user to access SharePoint sites that have segments associated:
- The user's segment must match a segment that is associated with the site.
@@ -143,12 +143,12 @@ Non-segment users can't access a site that is associated with segments. They wil
Users will see search results from: -- Sites that have an associated segment that matches the user's segment and the user has access permission to the site. -- Sites that don't have associated segments if they have access to the site.
+- Sites that have an associated segment that matches the user's segment and the user has access permission to the site.
+- Sites that don't have associated segments if they have access to the site.
## Effects of changes to user segments or information barrier policies
-If a SharePoint site ownerΓÇÖs segment changes, the user won't be able to access the site if their segment doesn't match any of the segments associated with the site. To allow the user to access the site, a SharePoint admin must associate the user's new segment with the site.
+If a SharePoint site owner's segment changes, the user won't be able to access the site if their segment doesn't match any of the segments associated with the site. To allow the user to access the site, a SharePoint admin must associate the user's new segment with the site.
If a compliance administrator changes an existing policy, the change may impact the compatibility of the segments associated with a site. For example, segments that were once compatible may no longer be compatible. A SharePoint admin must change the segments associated with an affected site accordingly. [Learn how to create an information barriers policy compliance report in PowerShell](info-barriers-report.md)