How to Configure Information Barriers (IBs) in Microsoft Teams
Microsoft Teams is built for collaboration, but in regulated industries, not everyone should communicate freely. Information Barriers (IBs) help enforce those boundaries by restricting communication between defined groups, keeping your organization compliant and secure.
This post explains what IBs are, how to configure them, and how to ensure everything works smoothly in your Microsoft 365 environment.
🔍 What Are Information Barriers?
Information Barriers prevent certain users or groups from communicating and collaborating in Teams, SharePoint, and OneDrive. They enforce ethical walls within your organization.
Example use case:
A financial firm might block communication between the Advisory and Trading departments to prevent insider information sharing.
IBs control:
- Chats, calls, and meetings
- Team and channel membership
- File sharing and access permissions
⚙️ Prerequisites
Before configuration, make sure your environment meets these requirements.
Licensing
- Microsoft 365 E5, or
- Office 365 E5 + Compliance Add-on
Required Roles
- Global Administrator
- Compliance Administrator
- Information Barriers Compliance Management
Directory Accuracy
Your Entra ID (Azure AD) attributes like Department, Country, or Custom Attribute must be accurate—IBs rely on these for segmentation.
Architecture
Most modern tenants use Information Barriers v2 (IBv2) — the newer and faster version.
🧩 Step 1: Plan Segments and Policies
Plan your communication boundaries before setting up anything.
| Action | Example |
|---|---|
| Identify Segments | Sales, Research, Advisory |
| Define Rules | “Sales cannot communicate with Research” |
| Map to Attributes | Department = “Sales” |
| Choose Policy Type | Block or Allow |
Tip: Keep it simple—fewer segments mean easier management.
🧱 Step 2: Create Segments in Microsoft Purview
- Go to Microsoft Purview Compliance Portal → Information Barriers → Segments.
- Click Create Segment.
- Define rules using attributes. Example:
Department -eq "Sales" and Country -eq "US" - Save and repeat for all groups (Research, Support, etc.).
🚫 Step 3: Create and Activate Policies
- Go to Microsoft Purview → Information Barriers → Policies.
- Click Create Policy.
- Choose policy type:
- Block Policy – Prevents communication (e.g., Sales ↔ Research).
- Allow Policy – Restricts communication only to specific groups.
- Select segments involved.
- Save the policy as Inactive, review it, then Activate.
- Allow up to 24 hours for full propagation across Teams, SharePoint, and OneDrive.
🗂️ Step 4: Assign Site Segments (Optional)
To apply IBs to SharePoint and OneDrive:
- Identify sensitive sites.
- Assign a Site Segment that matches your IB setup.
- Validate access and sharing controls after assignment.
✅ Step 5: Test and Validate
After activation, verify that:
- Blocked users cannot chat, call, or invite each other to meetings.
- Restricted users cannot join Teams or channels across segments.
- SharePoint and OneDrive respect IB restrictions.
- People search hides restricted users automatically.
💻 Step 6: Manage with PowerShell (Optional)
Use Security & Compliance PowerShell to manage IB settings.
# View all policies
Get-InformationBarrierPolicy
# Activate a specific policy
Set-InformationBarrierPolicy -Identity "Sales-Blocks-Research" -State Active
# View all segments
Get-InformationBarrierSegment
🧠 Best Practices
- Simplify segments: Avoid overly complex attribute filters.
- Pilot before production: Start small to test performance.
- Combine with DLP & Sensitivity Labels: IBs restrict who, DLP/Labels restrict what.
- Monitor regularly: Use Purview audit logs for visibility.
- Review quarterly: Adjust as roles and departments evolve.
- Maintain clean Entra ID data: IBs rely entirely on accurate user attributes.
🧰 Troubleshooting
| Issue | Possible Fix |
|---|---|
| IBs not applying | Wait 24 hours for propagation |
| Activation errors | Re-check role assignments |
| Users still visible | IBs block communication, not always visibility |
| Policy conflicts | Review “Allow” and “Block” combinations carefully |
📋 Sample Rollout Plan
| Step | Task | Description |
|---|---|---|
| 1 | Prepare | Verify licenses, assign roles |
| 2 | Build | Create segments and policies |
| 3 | Test | Pilot with limited users |
| 4 | Extend | Assign site segments |
| 5 | Validate | Check Teams, SharePoint, OneDrive |
| 6 | Monitor | Audit logs and compliance alerts |
🧩 Final Thoughts
Information Barriers are one of the most powerful compliance tools in Microsoft Teams. They help organizations maintain regulatory integrity, protect confidential data, and enforce internal communication policies seamlessly.
When combined with Data Loss Prevention (DLP) and Sensitivity Labels, IBs become part of a complete information governance framework—keeping your Microsoft 365 environment secure, compliant, and efficient.
