Time
6 hours 59 minutes
Difficulty
Intermediate
CEU/CPE
7

Video Transcription

00:00
Welcome back. Enthusiastic, eager cybersecurity. Microsoft Security Administration murders Welcome back.
00:08
I once was told I could be a hype man.
00:11
So just just be lucky. I don't bring out a bullhorn or megaphone at this point.
00:16
I'm your instructor. Jim Dangles were on Model five Industry 65 Security Administration Course Investor 65. Compliance with lesson to governance
00:27
and we're gonna go over ethical longs
00:30
in this lesson. We're gonna go over what ethical wall is and how to create ethical wall in exchange
00:36
ethical walls. If you have done any of your Sistine or any I sack, of course, is you know what this is said Common cybersecurity term.
00:46
So you're some famous Walls.
00:48
Wal Mart.
00:49
Wally
00:51
Painful Is the Wall. Fantastic Album.
00:54
Wally World, Chevy Chase Classic.
00:57
Great Wall of China,
01:00
The Berlin Wall,
01:02
Stonewall Jackson,
01:04
These Air Famous Walls,
01:07
John Wall. It's another one for you guys around D. C. Re basketball fans,
01:12
but I digress.
01:14
Let's look at an ethical wall.
01:17
Ethical wall is a process for avoiding conflicts. Adventures by limiting disclosure of information to certain attorneys or individuals within a farmer corporation
01:27
There by building a metaphorical wall.
01:34
I like
01:34
any time I can use quote, air quotes. I'm going to use a metaphorical wall. Between the holders of information and the colleagues who
01:42
represent interests or hold opinions was conflict.
01:46
It is also known as a Chinese wall.
01:49
The brewer and mass model
01:51
was constructed to provide information security access controls that can change dynamically.
01:57
The security model
01:59
take a Chinese wall,
02:00
was designed to provide controls, mitigate conflicts of interest
02:06
and commercial organizations and is built upon an information flow model.
02:10
Ethical laws and exchange online. I'll give you the key to right now
02:15
transport rules.
02:17
That's how you do the wall.
02:20
There's the bricks and mortar
02:23
masonry knowledge, transport rules.
02:27
Simple is that
02:28
you came here thinking some profound explanation. Transport rules.
02:32
It's kind of anticlimatic. If you ask me,
02:36
you create an ethical wall Using distribution groups.
02:39
Transport rules can reject messages sent between members of two groups.
02:46
Remember,
02:46
you can have annual design memberships or dynamic memberships for groups.
02:51
Let's say you have to departments that never talk. Make sure you have a half old department and I'm Accord informant.
02:58
You want to set up a dynamic membership group.
03:01
If somebody's department value changes, the Hatfill
03:05
they go in this room.
03:07
Semis department value changes to be coy. They're going this group
03:12
that way by using dynamic membership. Once you said
03:15
your exchange roll, you don't have to maintain management off the groups
03:20
an employee transfers in that exchange. Mail Floyd rule automatically applies
03:24
Linda
03:27
Automatic Membership. Trump's manual.
03:30
You don't want to have to go through and do 1000 visual steps every time something changes in your organization.
03:37
Automatic dynamic That is the goal that is, the key
03:42
information barriers and teams.
03:45
This is included within Officer 65 85
03:47
War The Chemistry 65. If I suite of licensing,
03:52
it's available for users within the M s. 3. 65 e five. Compliance
03:57
or office 3. 60 baht Advanced compliance. Adolescents.
04:00
So you have your core officer 65 35 Industry 65. If I sweet or
04:06
you have a low card Adam,
04:10
it prevents lookups and discovery as well as communication
04:14
scope Directory. Search teams must be enabled.
04:17
Remember that scope Direct research in teams has to be enable for information barriers
04:24
to function on teams.
04:27
When you define policies for information barriers, you're gonna work with user account attributes,
04:32
segments
04:33
block a royal policies and policy application
04:38
user account as reviews or define an azure A D,
04:42
which could come from your one premise a. D
04:46
if you use
04:46
as her 80 connect.
04:48
If you don't know what I'm talking about, you've obviously skipped around or falling asleep during one of my lessons. Please go back.
04:57
These attributes can include things like departments, John Title Location, Team name.
05:02
He told earlier about department
05:05
segments or sets of uses. Their defined in the Securities Compliant Centre using a selected user account. Attribute
05:14
block policies.
05:15
Prevent one segment from communicating with another.
05:18
Allow policies. Allow one segment to communicate with only certain other segments.
05:25
Let's say, for instance, you have 10 segments.
05:27
Segment one only needs to communicate with Segment eight.
05:31
You're going to do a block policy you and doing a lot of policy. Allow segment warrant between UK with second eight
05:38
because they allow policy
05:40
allows it only to communicate with that other segment. That automatic blocks segment two through seven and nine in 10. From communicating with one
05:48
policy application is done after all information barrier policies with fine
05:54
in your ready to apply them in your organization.
05:58
You need to segment user time and what policies are needed.
06:00
Make a list of segments to define this spot department, even if it's within departments sub department if it's by a certain geographical location, ZIP code, a office location, a building name.
06:15
Whatever IT ISS.
06:16
Make a list of those second sections that you need.
06:19
Identify which attributes make up their segments.
06:23
Defined segments in the terms of policy filters. Defined information. Bearer of policies to find your policies.
06:30
Don't apply them to find them.
06:32
Choose what kind they are. Is it a block, or is it in the wild policy?
06:36
Applying the policy
06:39
Send policies too active.
06:41
Run the policy application and view the status
06:45
currently information. Bear policies or define and manage
06:48
within office. 3 65 Security Compliance Center
06:51
Using Power Shell Command Let's.
06:54
Here's an information barrier triggers
06:57
if you have a new team. Member
06:59
policies are evaluated against policies of other members.
07:02
If a person comes into that one boarded
07:04
yes, they transfer
07:06
the new Champ requests
07:09
policies. Make sure the chat isn't in violation. If I want to talk to somebody in a department where a segment that I'm not allowed to
07:16
the new chat request is gonna trigger
07:18
that information bear policy
07:20
user invited to a meeting.
07:23
Policies evaluated against policies of other maintenance. Indy's
07:27
screen share
07:28
policies evaluated against policies of other members.
07:30
If I'm not supposed to communicate with you,
07:33
I'm not research from ice cream with you either.
07:35
So all of these initiate information. Barrier policy triggers
07:40
point teams call.
07:41
If I can't do a team shot with you, I'm not gonna be able to call you on teams. Er,
07:45
it's another sugar guess. Users
07:47
information. Bear policies can apply to guests
07:50
so you can actually have a information bear. A policy that this this segment cannot communicate with guests.
07:58
Here's an example
08:00
of when a information bear policy triggers
08:05
says your company policy prevents you from joining in this call.
08:07
Sorry, sad trombone. Uh, or have you tried to add
08:13
members?
08:13
He says, Hey, we can't find any matches.
08:16
Even though the person exists,
08:18
I'm not allowed to add them to my team because of information barrier policies.
08:24
Quiz
08:26
information. Bear policies do not apply to guess users within the teams environment.
08:31
True or false,
08:33
you're a 50 50 shot.
08:37
Come on, what do you think?
08:39
Guess users, teams guess users. Information barrier.
08:43
The answer is
08:46
the answer is false.
08:48
Of course, we just went over.
08:50
We just went over. You can't apply information. Bear policies to guests in teams.
08:56
So the answer is as false
08:58
as those Nike salons there.
09:00
To recap the lesson. An ethical wall also knows the Chinese Wall security model was designed to provide control. Was that mitigate conflict of interest?
09:11
Ethical laws are created in exchange, utilizing distribution groups and now transport rules.
09:16
Information barriers are policies that an admin can configure to prevent individuals or groups from communicating with each other in teams.
09:24
Thank you for joining me on this lesson. You see, for the next one, take care.

Up Next

MS-500: Microsoft 365 Security Administration

The Microsoft 365 Security Administration course is designed to prepare students to take and pass the MS-500 certification exam. The course covers the four domains of the exam, providing students with the knowledge and skills they need to earn their credential.

Instructed By

Instructor Profile Image
Jim Daniels
IT Architect
Instructor