New-InformationBarrierPolicy

This cmdlet is available only in Security & Compliance Center PowerShell. For more information, see Security & Compliance Center PowerShell (https://docs.microsoft.com/powershell/exchange/scc-powershell).

Use the New-InformationBarrierPolicy cmdlet to create information barrier policies in the Security & Compliance Center.

For information about the parameter sets in the Syntax section below, see Exchange cmdlet syntax (https://docs.microsoft.com/powershell/exchange/exchange-cmdlet-syntax).

Syntax

New-InformationBarrierPolicy
   [-Name] <String>
   -AssignedSegment <String>
   [-Comment <String>]
   [-Confirm]
   [-State <EopInformationBarrierPolicyState>]
   [-WhatIf]
   [<CommonParameters>]
New-InformationBarrierPolicy
   [-Name] <String>
   -AssignedSegment <String>
   -SegmentsAllowed <MultiValuedProperty>
   [-Comment <String>]
   [-Confirm]
   [-WhatIf]
   [<CommonParameters>]
New-InformationBarrierPolicy
   [-Name] <String>
   -AssignedSegment <String>
   -SegmentsBlocked <MultiValuedProperty>
   [-Comment <String>]
   [-Confirm]
   [-WhatIf]
   [<CommonParameters>]

Description

Information barrier policies are not in effect until you set them to active status, and then apply the policies:

For more information, see Information barrier policies.

You need to be assigned permissions in the Security & Compliance Center before you can use this cmdlet. For more information, see Permissions in the Security & Compliance Center.

Examples

Example 1

New-InformationBarrierPolicy -Name "Sales-Research" -AssignedSegment "Sales" -SegmentsBlocked "Research" -State Inactive

This example creates an inactive policy named Sales-Research for a segment named Sales. When active and applied, this policy prevents people in Sales from communicating with people in the segment named Research.

Example 2

New-InformationBarrierPolicy -Name "Manufacturing-HR" -AssignedSegment "Manufacturing" -SegmentsAllowed "HR" -State Inactive

This example creates an inactive policy named Manufacturing-HR for a segment named Manufacturing. When active and applied, this policy allows people in Manufacturing to communicate only with people in the segment named HR. (In this example, Manufacturing can't communicate with users who aren't in HR.)

Example 3

New-InformationBarrierPolicy -Name "Research-HRManufacturing" -AssignedSegment "Research" -SegmentsAllowed "HR","Manufacturing" -State Inactive

This example creates a policy that allows the Research segment to communicate with only HR and Manufacturing.

Parameters

-AssignedSegment

The AssignedSegment parameter specifies the Name value of segment that you want to include in the information barrier policy. You can find existing segments by running the following command: Get-OrganizationSegment | Format-List Name,UserGroupFilter.

Type:String
Position:Named
Default value:None
Accept pipeline input:False
Accept wildcard characters:False
Applies to:Office 365 Security & Compliance Center
-Comment

The Comment parameter specifies an optional comment. If you specify a value that contains spaces, enclose the value in quotation marks ("), for example: "This is an admin note".

Type:String
Position:Named
Default value:None
Accept pipeline input:False
Accept wildcard characters:False
Applies to:Office 365 Security & Compliance Center
-Confirm

The Confirm switch specifies whether to show or hide the confirmation prompt. How this switch affects the cmdlet depends on if the cmdlet requires confirmation before proceeding.

  • Destructive cmdlets (for example, Remove-* cmdlets) have a built-in pause that forces you to acknowledge the command before proceeding. For these cmdlets, you can skip the confirmation prompt by using this exact syntax: -Confirm:$false.

  • Most other cmdlets (for example, New-* and Set-* cmdlets) don't have a built-in pause. For these cmdlets, specifying the Confirm switch without a value introduces a pause that forces you acknowledge the command before proceeding.

Type:SwitchParameter
Aliases:cf
Position:Named
Default value:None
Accept pipeline input:False
Accept wildcard characters:False
Applies to:Office 365 Security & Compliance Center
-Name

The Name parameter specifies a unique name for the information barrier policy that you want to create. The maximum length is 64 characters. If the value contains spaces, enclose the value in quotation marks (").

Type:String
Position:0
Default value:None
Accept pipeline input:False
Accept wildcard characters:False
Applies to:Office 365 Security & Compliance Center
-SegmentAllowedFilter

This parameter is reserved for internal Microsoft use.

Type:String
Position:Named
Default value:None
Accept pipeline input:False
Accept wildcard characters:False
Applies to:Office 365 Security & Compliance Center
-SegmentsAllowed

The SegmentsAllowed parameter specifies the segments that are allowed to communicate with the segment in this policy (users defined by the AssignedSegment parameter). Only these specified segments can communicate with the segment in this policy.

You identify the segment by its Name value. If the value contains spaces, enclose the value in quotation marks ("). You can specify multiple segments separated by commas ("Segment1","Segment2",..."SegmentN").

You can't use this parameter with the SegmentsBlocked parameter.

Type:MultiValuedProperty
Position:Named
Default value:None
Accept pipeline input:False
Accept wildcard characters:False
Applies to:Office 365 Security & Compliance Center
-SegmentsBlocked

The SegmentsBlocked parameter specifies the segments that aren't allowed to communicate with the segment in this policy (users defined by the AssignedSegment parameter). You can specify multiple segments separated by commas ("Segment1","Segment2",..."SegmentN").

You identify the segment by its Name value. If the value contains spaces, enclose the value in quotation marks ("). You can specify multiple segments separated by commas ("Segment1","Segment2",..."SegmentN").

You can't use this parameter with the SegmentsAllowed parameter.

Type:MultiValuedProperty
Position:Named
Default value:None
Accept pipeline input:False
Accept wildcard characters:False
Applies to:Office 365 Security & Compliance Center
-State

The State parameter specifies whether the information barrier policy is active or inactive. Valid values are:

  • Active

  • Inactive (This is the default value.)

Type:EopInformationBarrierPolicyState
Accepted values:Inactive, Active
Position:Named
Default value:None
Accept pipeline input:False
Accept wildcard characters:False
Applies to:Office 365 Security & Compliance Center
-WhatIf

The WhatIf switch doesn't work in Security & Compliance Center PowerShell.

Type:SwitchParameter
Aliases:wi
Position:Named
Default value:None
Accept pipeline input:False
Accept wildcard characters:False
Applies to:Office 365 Security & Compliance Center

Inputs

Outputs