SOLVED
Home

Block Group Communications

%3CLINGO-SUB%20id%3D%22lingo-sub-359799%22%20slang%3D%22en-US%22%3EBlock%20Group%20Communications%3C%2FLINGO-SUB%3E%3CLINGO-BODY%20id%3D%22lingo-body-359799%22%20slang%3D%22en-US%22%3E%3CP%3EHas%20anyone%20heard%20of%20the%20ability%20to%20block%20particular%20groups%20from%20communicating%20with%20each%20other%3F%26nbsp%3B%3C%2FP%3E%3CP%3E%26nbsp%3B%3C%2FP%3E%3CP%3EGroup%20A%20cant%20talk%20to%20Group%20B%2C%20we%20have%20compliance%20restrictions%20where%20users%20cannot%20communicate%20and%20have%20implemented%20restrictions%20via%20exchange%20but%20we%20would%20like%20to%20block%20this%20via%20teams%20as%20well.%3C%2FP%3E%3CP%3E%26nbsp%3B%3C%2FP%3E%3CP%3EThanks%26nbsp%3B%3C%2FP%3E%3C%2FLINGO-BODY%3E%3CLINGO-LABS%20id%3D%22lingo-labs-359799%22%20slang%3D%22en-US%22%3E%3CLINGO-LABEL%3ETeam%3C%2FLINGO-LABEL%3E%3C%2FLINGO-LABS%3E%3CLINGO-SUB%20id%3D%22lingo-sub-360701%22%20slang%3D%22en-US%22%3ERe%3A%20Block%20Group%20Communications%3C%2FLINGO-SUB%3E%3CLINGO-BODY%20id%3D%22lingo-body-360701%22%20slang%3D%22en-US%22%3E%3CP%3EIt's%20a%20%22suggested%20contact%22%2C%20the%20last%20group%20on%20your%20%22recent%22%20chats%20tab%20%3A)%3C%2Fimg%3E%20Which%20doesn't%20seem%20to%20care%20about%20the%20fact%20that%20my%20account%20was%20out%20of%20the%20scope%20of%20the%20ABP.%3C%2FP%3E%0A%3CP%3E%26nbsp%3B%3C%2FP%3E%0A%3CP%3EAs%20for%20transport%20rules%20analog%20-%20think%20of%20how%20we%20will%20get%20DLP%20implemented%20in%20Teams.%20Same%20story%20basically.%20If%20you%20can%20scan%20a%20message%20for%20DLP%20violations%20and%20take%20actions%20on%20it%2C%20you%20can%20most%20certainly%20scan%20it%20for%20%22ethical%20wall%22%20violations.%3C%2FP%3E%3C%2FLINGO-BODY%3E%3CLINGO-SUB%20id%3D%22lingo-sub-360637%22%20slang%3D%22en-US%22%3ERe%3A%20Block%20Group%20Communications%3C%2FLINGO-SUB%3E%3CLINGO-BODY%20id%3D%22lingo-body-360637%22%20slang%3D%22en-US%22%3E%3CP%3EThanks%2C%20Everyone%20for%20all%20the%20replies!%26nbsp%3B%3C%2FP%3E%3C%2FLINGO-BODY%3E%3CLINGO-SUB%20id%3D%22lingo-sub-360271%22%20slang%3D%22en-US%22%3ERe%3A%20Block%20Group%20Communications%3C%2FLINGO-SUB%3E%3CLINGO-BODY%20id%3D%22lingo-body-360271%22%20slang%3D%22en-US%22%3EI%20recall%20something%20about%20Information%20Barriers%20being%20mentioned%20at%20a%20session%20at%20%23IgniteTheTour%20London%20last%20week%20-%20It%20would%20have%20either%20been%20in%20a%20Teams%20session%20or%20an%20Office%20365%20Groups%20session%20(I%20didn't%20go%20to%20any%20Exchange%20sessions)%3C%2FLINGO-BODY%3E%3CLINGO-SUB%20id%3D%22lingo-sub-360258%22%20slang%3D%22en-US%22%3ERe%3A%20Block%20Group%20Communications%3C%2FLINGO-SUB%3E%3CLINGO-BODY%20id%3D%22lingo-body-360258%22%20slang%3D%22en-US%22%3E%3CP%3EThere%20is%20a%20uservoice%20for%20Ethical%20Walls%20in%20Teams%2C%20not%20many%20votes.%3C%2FP%3E%3CP%3E%3CA%20href%3D%22https%3A%2F%2Fmicrosoftteams.uservoice.com%2Fforums%2F555103-public%2Fsuggestions%2F35138182-ethical-wall-enforcement%22%20target%3D%22_blank%22%20rel%3D%22noopener%20noreferrer%20noopener%20noreferrer%20noopener%20noreferrer%20noopener%20noreferrer%20noopener%20noreferrer%20noopener%20noreferrer%22%3Ehttps%3A%2F%2Fmicrosoftteams.uservoice.com%2Fforums%2F555103-public%2Fsuggestions%2F35138182-ethical-wall-enforcement%3C%2FA%3E%3C%2FP%3E%3CP%3E%26nbsp%3B%3C%2FP%3E%3CP%3EI%20have%20a%20vague%20memory%20of%20hearing%20something%20about%20a%20Teams%20ethical%20wall%20feature%20at%20Ignite%2C%20but%20I%20can't%20find%20anything%20about%20it%20now%20so%20maybe%20it%20was%20the%20ABP%20they%20were%20refering%20to.%3C%2FP%3E%3CP%3E%26nbsp%3B%3C%2FP%3E%3CP%3EIn%20another%20thread%20discussing%20this%20topic%20a%20third-party%20tool%20was%20mentioned%20that%20allows%20you%20to%20setup%20policies%20to%20block%20external%20and%20internal%20group%20of%20users%20to%20communicate.%3C%2FP%3E%3CP%3E%3CA%20href%3D%22https%3A%2F%2Fagatsoftware.com%2Fsphereshield-microsoft-teams%2F%22%20target%3D%22_blank%22%20rel%3D%22nofollow%20noopener%20noreferrer%20noopener%20noreferrer%20noopener%20noreferrer%20noopener%20noreferrer%20noopener%20noreferrer%20noopener%20noreferrer%22%3Ehttps%3A%2F%2Fagatsoftware.com%2Fsphereshield-microsoft-teams%2F%3C%2FA%3E%3C%2FP%3E%3CP%3E%3CA%20href%3D%22https%3A%2F%2Ftechcommunity.microsoft.com%2Ft5%2FMicrosoft-Teams-AMA%2FEthical-Walls%2Ftd-p%2F55756%22%20target%3D%22_blank%22%3Ehttps%3A%2F%2Ftechcommunity.microsoft.com%2Ft5%2FMicrosoft-Teams-AMA%2FEthical-Walls%2Ftd-p%2F55756%3C%2FA%3E%3C%2FP%3E%3CP%3E%26nbsp%3B%3C%2FP%3E%3CP%3E%26nbsp%3B%3C%2FP%3E%3C%2FLINGO-BODY%3E%3CLINGO-SUB%20id%3D%22lingo-sub-360247%22%20slang%3D%22en-US%22%3ERe%3A%20Block%20Group%20Communications%3C%2FLINGO-SUB%3E%3CLINGO-BODY%20id%3D%22lingo-body-360247%22%20slang%3D%22en-US%22%3E%3CP%3ESo%20I%20see%20how%20an%20admin%20can%20make%20a%20mistake%2C%20either%20adding%20people%20manually%20or%20creating%20a%20dynamic%20rules%20that%20does%20so%2C%20or%20by%20excluding%20certain%20users%20from%20the%20ABP%20that%20then%20break%20the%20policy%20as%20owners.%20I'm%20not%20sure%20what%20'suggested%20contacts'%20would%20be%20in%20the%20context%20of%20Teams.%3C%2FP%3E%0A%3CP%3E%26nbsp%3B%3C%2FP%3E%0A%3CP%3EI%20can't%20see%20how%20or%20where%20a%20'transport%20rule'%20type%20thing%20would%20exist%20in%20a%20platform%20like%20teams%2C%20channel%20conversations%20aren't%20like%20email%20messages%2C%20there's%20no%20sender%20and%20recipient%20to%20trap%20in%20a%20list.%20You%20are%20more%20looking%20for%20a%20means%20to%20detect%20or%20prevent%20users%20from%20each%20side%20of%20the%20ABP%20being%20in%20the%20same%20teams%2Fgroups.%20This%20would%20seem%20entirely%20scriptable%2C%20if%20perhaps%20a%20bit%20slow%20to%20process%20in%20a%20large%20environment.%20Maybe%20a%20simple%20naming%20scheme%20on%20the%20teams%20would%20help.%3C%2FP%3E%0A%3CP%3E%26nbsp%3B%3C%2FP%3E%0A%3CP%3EI've%20not%20heard%20of%20anything%20being%20considered%2C%20but%20adding%20a%20request%20or%20votes%20to%20uservoice%20would%20be%20one%20way%20to%20make%20the%20product%20group%20aware%20of%20the%20requirement.%20Maybe%20look%20at%20using%20the%20new%20supervision%20options%20to%20more%20closely%20monitor%20people%20in%20a%20role%20that%20should%20not%20interact%2C%20or%20the%20upcoming%20DLP%20policies%20to%20block%20sensitive%20information%20types%20in%20Teams.%3C%2FP%3E%3C%2FLINGO-BODY%3E%3CLINGO-SUB%20id%3D%22lingo-sub-360237%22%20slang%3D%22en-US%22%3ERe%3A%20Block%20Group%20Communications%3C%2FLINGO-SUB%3E%3CLINGO-BODY%20id%3D%22lingo-body-360237%22%20slang%3D%22en-US%22%3E%3CP%3EThe%20policy%20applies%20to%20some%2C%20not%20necessarily%20*all*%20users.%20Being%20added%20to%20teams%20by%20the%20owner%20or%20admin%2C%20using%20dynamic%20team%20membership%2C%20even%20things%20such%20as%20%22suggested%20contacts%22%20all%20allow%20you%20to%20bypass%20the%20ABP%20restrictions.%26nbsp%3B%3C%2FP%3E%3C%2FLINGO-BODY%3E%3CLINGO-SUB%20id%3D%22lingo-sub-360030%22%20slang%3D%22en-US%22%3ERe%3A%20Block%20Group%20Communications%3C%2FLINGO-SUB%3E%3CLINGO-BODY%20id%3D%22lingo-body-360030%22%20slang%3D%22en-US%22%3E%3CP%3EI'm%20not%20entirely%20sure%20how%20they%20could%20be%20in%20a%20common%20team%2C%20wouldn't%20the%20policy%20prevent%20team%20owners%20adding%20people%20from%20'the%20other%20side'%20%3F%20Also%20you%20could%20fairly%20easily%20create%20a%20script%20to%20check%20that%20this%20remained%20the%20case.%3C%2FP%3E%3C%2FLINGO-BODY%3E%3CLINGO-SUB%20id%3D%22lingo-sub-359861%22%20slang%3D%22en-US%22%3ERe%3A%20Block%20Group%20Communications%3C%2FLINGO-SUB%3E%3CLINGO-BODY%20id%3D%22lingo-body-359861%22%20slang%3D%22en-US%22%3E%3CP%3EHey%20Yes%2C%20I%20did%20know%20you%20could%20block%20%22seeing%22%20other%20users%20from%20a%20Gal%20block%2C%20but%20right%20am%20curious%20about%20the%20transport%20or%20other%20blocking%20methods%20teams%20may%20be%20working%20on.%26nbsp%3B%3C%2FP%3E%3CP%3E%26nbsp%3B%3C%2FP%3E%3CP%3EThanks%20for%20the%20response!%26nbsp%3B%3C%2FP%3E%3C%2FLINGO-BODY%3E%3CLINGO-SUB%20id%3D%22lingo-sub-359816%22%20slang%3D%22en-US%22%3ERe%3A%20Block%20Group%20Communications%3C%2FLINGO-SUB%3E%3CLINGO-BODY%20id%3D%22lingo-body-359816%22%20slang%3D%22en-US%22%3E%3CP%3ETeams%20does%20have%20support%20for%20%22ethical%20walls%22%2C%20using%20the%20same%20ABP%20controls%20that%20Exchange%20uses.%20Where%20it%20fails%20short%20is%20the%20ability%20to%20block%20the%20actual%20communication%2C%20as%20we%20don't%20have%20any%20analog%20of%20transport%20rules%20for%20Teams.%20In%20other%20words%2C%20you%20can%20use%20ABPs%20to%20prevent%20users%20from%20seeing%20each%20other%20in%20the%20client%2C%20but%20if%20they%20are%20a%20member%20of%20a%20common%20Team%2C%20you%20cannot%20prevent%20them%20from%20communicating.%3C%2FP%3E%3C%2FLINGO-BODY%3E%3CLINGO-SUB%20id%3D%22lingo-sub-771730%22%20slang%3D%22en-US%22%3ERe%3A%20Block%20Group%20Communications%3C%2FLINGO-SUB%3E%3CLINGO-BODY%20id%3D%22lingo-body-771730%22%20slang%3D%22en-US%22%3E%3CP%3E%3CA%20href%3D%22https%3A%2F%2Ftechcommunity.microsoft.com%2Ft5%2Fuser%2Fviewprofilepage%2Fuser-id%2F294817%22%20target%3D%22_blank%22%3E%40danthetechman%3C%2FA%3E%26nbsp%3B%3C%2FP%3E%3CP%3E%26nbsp%3B%3C%2FP%3E%3CP%3EMS%20Teams%20has%20Information%20barriers%20in%20teams%20for%20ethical%20walls.%26nbsp%3B%20See%20the%20link%20below%3A%26nbsp%3B%3C%2FP%3E%3CP%3E%26nbsp%3B%3C%2FP%3E%3CP%3E%3CA%20href%3D%22https%3A%2F%2Fdocs.microsoft.com%2Fen-us%2Fmicrosoftteams%2Finformation-barriers-in-teams%22%20target%3D%22_blank%22%20rel%3D%22noopener%20noreferrer%20noopener%20noreferrer%20noopener%20noreferrer%20noopener%20noreferrer%20noopener%20noreferrer%22%3Ehttps%3A%2F%2Fdocs.microsoft.com%2Fen-us%2Fmicrosoftteams%2Finformation-barriers-in-teams%3C%2FA%3E%3C%2FP%3E%3C%2FLINGO-BODY%3E%3CLINGO-SUB%20id%3D%22lingo-sub-771885%22%20slang%3D%22en-US%22%3ERe%3A%20Block%20Group%20Communications%3C%2FLINGO-SUB%3E%3CLINGO-BODY%20id%3D%22lingo-body-771885%22%20slang%3D%22en-US%22%3E%3CP%3E%3CA%20href%3D%22https%3A%2F%2Ftechcommunity.microsoft.com%2Ft5%2Fuser%2Fviewprofilepage%2Fuser-id%2F381515%22%20target%3D%22_blank%22%3E%40Sbacon17a4%3C%2FA%3E%26nbsp%3B%20Awesome%20thanks!%20Is%20this%20GA%20I%20thought%20I%20was%20still%20in%20preview.%26nbsp%3B%3C%2FP%3E%3CP%3E%26nbsp%3B%3C%2FP%3E%3CP%3EThanks%26nbsp%3B%3C%2FP%3E%3C%2FLINGO-BODY%3E%3CLINGO-SUB%20id%3D%22lingo-sub-773564%22%20slang%3D%22en-US%22%3ERe%3A%20Block%20Group%20Communications%3C%2FLINGO-SUB%3E%3CLINGO-BODY%20id%3D%22lingo-body-773564%22%20slang%3D%22en-US%22%3E%3CP%3E%3CA%20href%3D%22https%3A%2F%2Ftechcommunity.microsoft.com%2Ft5%2Fuser%2Fviewprofilepage%2Fuser-id%2F294817%22%20target%3D%22_blank%22%3E%40danthetechman%3C%2FA%3E%26nbsp%3Bunfortunately%2C%20I%20do%20not%20know.%26nbsp%3B%20I%20found%20the%20information%20while%20researching%20ethical%20walls%20for%20a%20client.%26nbsp%3B%20I've%20provide%20the%20documentation%20and%20they%20are%20working%20through%20it.%26nbsp%3B%3C%2FP%3E%3C%2FLINGO-BODY%3E
Highlighted
Occasional Contributor

Has anyone heard of the ability to block particular groups from communicating with each other? 

 

Group A cant talk to Group B, we have compliance restrictions where users cannot communicate and have implemented restrictions via exchange but we would like to block this via teams as well.

 

Thanks 

12 Replies
Highlighted
Solution

Teams does have support for "ethical walls", using the same ABP controls that Exchange uses. Where it fails short is the ability to block the actual communication, as we don't have any analog of transport rules for Teams. In other words, you can use ABPs to prevent users from seeing each other in the client, but if they are a member of a common Team, you cannot prevent them from communicating.

Highlighted

Hey Yes, I did know you could block "seeing" other users from a Gal block, but right am curious about the transport or other blocking methods teams may be working on. 

 

Thanks for the response! 

Highlighted

I'm not entirely sure how they could be in a common team, wouldn't the policy prevent team owners adding people from 'the other side' ? Also you could fairly easily create a script to check that this remained the case.

Highlighted

The policy applies to some, not necessarily *all* users. Being added to teams by the owner or admin, using dynamic team membership, even things such as "suggested contacts" all allow you to bypass the ABP restrictions. 

Highlighted

So I see how an admin can make a mistake, either adding people manually or creating a dynamic rules that does so, or by excluding certain users from the ABP that then break the policy as owners. I'm not sure what 'suggested contacts' would be in the context of Teams.

 

I can't see how or where a 'transport rule' type thing would exist in a platform like teams, channel conversations aren't like email messages, there's no sender and recipient to trap in a list. You are more looking for a means to detect or prevent users from each side of the ABP being in the same teams/groups. This would seem entirely scriptable, if perhaps a bit slow to process in a large environment. Maybe a simple naming scheme on the teams would help.

 

I've not heard of anything being considered, but adding a request or votes to uservoice would be one way to make the product group aware of the requirement. Maybe look at using the new supervision options to more closely monitor people in a role that should not interact, or the upcoming DLP policies to block sensitive information types in Teams.

Highlighted

There is a uservoice for Ethical Walls in Teams, not many votes.

https://microsoftteams.uservoice.com/forums/555103-public/suggestions/35138182-ethical-wall-enforcem...

 

I have a vague memory of hearing something about a Teams ethical wall feature at Ignite, but I can't find anything about it now so maybe it was the ABP they were refering to.

 

In another thread discussing this topic a third-party tool was mentioned that allows you to setup policies to block external and internal group of users to communicate.

https://agatsoftware.com/sphereshield-microsoft-teams/

https://techcommunity.microsoft.com/t5/Microsoft-Teams-AMA/Ethical-Walls/td-p/55756

 

 

Highlighted
I recall something about Information Barriers being mentioned at a session at #IgniteTheTour London last week - It would have either been in a Teams session or an Office 365 Groups session (I didn't go to any Exchange sessions)
Highlighted

Thanks, Everyone for all the replies! 

Highlighted

It's a "suggested contact", the last group on your "recent" chats tab :) Which doesn't seem to care about the fact that my account was out of the scope of the ABP.

 

As for transport rules analog - think of how we will get DLP implemented in Teams. Same story basically. If you can scan a message for DLP violations and take actions on it, you can most certainly scan it for "ethical wall" violations.

Highlighted

@danthetechman 

 

MS Teams has Information barriers in teams for ethical walls.  See the link below: 

 

https://docs.microsoft.com/en-us/microsoftteams/information-barriers-in-teams

Highlighted

@Sbacon17a4  Awesome thanks! Is this GA I thought I was still in preview. 

 

Thanks 

Highlighted

@danthetechman unfortunately, I do not know.  I found the information while researching ethical walls for a client.  I've provide the documentation and they are working through it.