So the other day, someone from Legal casually asks,
“Can we stop HR from seeing our files?”
And you just stare for a second, wondering if this is the start of a turf war or just another Tuesday at contoso.
The answer? Yes. Yes, you absolutely can.
Welcome to Information Barriers, Microsoft’s way of saying,
“Some teams should definitely not be talking to each other.”
And honestly, it’s kind of beautiful.
So what is an Information Barrier?
Information barriers apply to Microsoft Teams (chats and channels), SharePoint Online, and OneDrive services.
Imagine putting up a magical force field between two departments so they can’t:
- Chat in Teams
- Share files
- @mention each other
- Or Even see each other in a people search
It’s not just awkward, it’s intentional.
It’s corporate drama control.
Basically, you’re building the Bridge of Khazad-dûm, and you’re Gandalf, standing in front of it yelling:
“YOU. SHALL. NOT. PASS.”*
(* to Accounting)
Who actually uses this?
Oh, you’d be surprised:
- Mergers & acquisitions (because nothing says “confidential” like total digital isolation)
- HR and Legal when something spicy is happening
- Finance and… well, everyone
- That one product team that’s not allowed to know what the other product team is doing (yes, that happens)
It’s all perfectly professional.
And deeply satisfying to set up.
Okay but… what does it actually do?
Here’s the long story, short version:
- You group users into segments (think: Legal, HR, Sales, etc.)
- You build policies that say “these people can’t interact with those people.”
- Microsoft 365 enforces it everywhere, from Teams and SharePoint even eDiscovery.
- The blocked users? They won’t see messages, folders, or even people they’re not supposed to.
It’s like making someone digitally invisible. Not blocked. Just… never there.
Alright, time to crack open the spellbook and conjure up some PowerShell magic ! To enable information barriers in SharePoint and OneDrive, run the following command:
Set-SPOTenant -InformationBarriersSuspension $false Use the following command to assign the segment to your SharePoint site:
Connect-SPOService
Set-SPOSite -Identity <SITE URL> -AddInformationSegment <SEGMENT UID>
SharePoint or Global Administrators can define up to 5,000 segments, and users can belong to more than one segment.
Before you flip the switch though…
Couple thing you need to considere s:
- This needs E5 licenses or equivalent add-ons builts. So… not exactly a hobby feature.
- Misconfiguring it can break search, sharing, and people’s trust in technology.
- There is no polite error message, users just get the silent traitment, “Wait, why can’t I see James anymore?” and start filing tickets.
So yeah, like with any feature , test it before you go full Mordor.
Information Barriers let you stop the wrong people from seeing the wrong stuff, by design.
It’s not micromanagement. It’s security. It’s policy. It’s… deliciously effective.
So go ahead. Build your bridges. Guard them with your admin wizard staff.
And when someone asks why Legal and HR can’t tag each other in Teams anymore, you may just smile and say:
“Because I said so. And also: You shall not pass.”
