What Value does SphereShield offer for MS Teams, SharePoint, OneDrive and Co-Pilot

In this article, we will focus on what value SphereShield offers for MS Teams over and above the controls and features Microsoft offers natively.

Ethical Wall

Ethical Wall helps organizations control:

  • Who can communicate with whom

  • How users can communicate

To understand the value that Ethical Wall offers over and above the Microsoft built-in features, we need to address internal and external communication separately.

External Communication

Microsoft Native controls

Microsoft allows organizations to control external communication in the following ways:

  • Allow all external communication

  • Block all external communication

  • Create lists of allowed external domains and blocked external domains

With Microsoft’s native controls, when an external domain is open for communication:

  • The whole external domain is open

  • Communication with that domain is allowed for everyone internally (org wide policy)

  • All types of communication are permitted

Ethical Wall Added Value

Ethical Wall adds flexibility to external communication control in 3 ways:

1- Open up external communication for a specific internal Group/Domain/User

2- Open up external communication to a whole external domain or even to just one external user from that domain

3- Open up external communication for limited communication capabilities. For example, allow IMs but block file sharing and screen sharing

Internal Communication

Microsoft Native controls

Microsoft offers the ability to block communication between specific internal groups with the Information Barriers product.

This product is only available with the E5 Compliance package.

Information Barriers, apart from being expensive, is limited to the following two options:

  • Allow communication completely between Groups

  • Block communication completely between Groups

Information Barriers is a rigid solution that also does not allow for exception policies.

It is also important to note that Information Barriers needs to be managed using PowerShell.

Finally, an important limitation of Information Barriers is that policies don't work for federated users: If you allow federation with external organizations, the users of those organizations won't be restricted by IB policies. If users of your organization join a chat or meeting organized by external federated users, then IB policies also won't restrict communication between users of your organization.

Ethical Wall Added Value

With Ethical Wall, organizations gain the flexibility to have granular control over the types of communication.

If the policy calls for a complete block, Ethical Wall will block communication even when federated users have initiated the chat or meeting.

You can also control the following types of communication:

  • Chat

  • Audio

  • Video

  • File sharing

  • Screen sharing

  • Adding users to conversations

It is very common that organizations do not want to impose a complete block between internal groups. Rather, they want the flexibility to allow chat and meetings, but to block file sharing and screen sharing.

Policies can be based on AD Groups, Internal Domains and individual users based on the UPN.

Ethical Wall is managed in the SphereShield Admin Portal, which has a graphical interface (GUI).


Microsoft Native controls

  • Microsoft has a DLP solution for MS Teams that is available with the E5 Compliance package

  • The solution is a reactive solution. This means that when sensitive data is sent in a file or message, the communication reaches the destination user and is deleted after the fact

  • The communication can be deleted quite quickly but also can take considerable time depending on various factors. Files can take up to an hour to be deleted.

  • Sensitive data appears in Windows and Mobile notifications and is not deleted at all.

  • In order for MS DLP to inspect external traffic, both the source organization and the destination tenant have to be on Teams Only Mode and using Native Federation.

  • MS DLP policies will not be enforced when a user is invited as Guest into an external tenant

  • MS DLP policies will not be enforced when a user joins a meeting that is hosted externally

SphereShield DLP Added Value

  • SphereShield offers a real time solution which blocks sensitive information from reaching the cloud and obviously the destination user. Sometimes this is needed as a matter of company policy and sometimes it is required by law.

  • SphereShield DLP applies regardless of whether the organization is on Teams Only Mode and using Native Federation

  • SphereShield DLP applies even when a user is communicating as a Guest in an external Tenant

  • SphereShield DLP applies even when a user joins a meeting that is hosted externally.

  • SphereShield DLP can also block files based on: A) file type B) file size C) Azure Information Protection labels and classifications

  • SphereShield DLP includes an anti-harassment and workplace safety feature that can block profane language and inappropriate images

  • SphereShield DLP can inspect Audio in real time using transcripts

  • SphereShield DLP can inspect video (on screen text) using Video OCR

  • SphereShield DLP can be integrated with other DLP vendors such as Forcepoint, Symantec, McAfee. This integration means that customers can use their existing DLP rules and infrastructure and cover MS Teams at the same time. Incidents will also appear in the existing vendor's incident manager.

  • SphereShield DLP policies can be applied to a subset of users; they do not need to be org wide.

  • SphereShield DLP violations are audited and integrated with the SphereShield eDiscovery. This is useful to see the entire context of a DLP incident.


Microsoft Native features

  • Using MS eDiscovery for MS Teams your organization can search for Teams communication from Public Channels

  • Private Channels and Guest communication need to be managed using PowerShell

  • eDiscovery results split up every line of communication into a separate downloadable file. A conversation with 100 lines of communication will be searchable with 100 files containing one line of communication each.

SphereShield eDiscovery Added Value

  • All communication can be archived as a backup (and even deleted from the cloud). This can be stored on premise, in private cloud or as a backup in the cloud.

  • All communication is searchable including private channels and guest communication

  • In addition to standard file and message capturing, SphereShield eDiscovery also captures:

    • reply messages as well as the message that is being replied to

    • @mentions

    • Reactions (Thumbs up etc)

    • Edited messages - original message and new edited message

    • Deleted messages and the fact that the message was deleted (including whether the delete was undone - “undo”)

    • Messages that are marked as Important/Urgent

  • The results are extremely user friendly. You can scroll through the communication seeing who said what, when they said it, where they said it and to whom it was communicated.

  • Results can be exported to easy-to-read PDF or Excel.

  • The solution can be managed by non-O365 admins, e.g. HR or Compliance

  • Audio and Video communication is also searchable

  • Meeting metadata, including participants, screen shares, etc., is searchable.

  • Integrated with SphereShield DLP to see the entire context of a DLP violation

Channel Management

Microsoft Native features

  • N/A - it is not possible to move, copy, archive, export or merge channels natively in MS Teams

SphereShield Channel Management Added Value

Users have the flexibility to manage their Channels and perform the following actions:

  • Move Channels to other Teams

  • Copy Channels to other Teams

  • Merge Channels together

  • Archive Channels

  • Export Channel content to PDF


SphereShield offers unique advanced governance capabilities that can be suited for a variety of needs.

Microsoft's native governance gives the ability to do a few things, such as:

  • Adding a Team/s.

  • Adding or removing members from a Channel/s.

  • Assigning and reverting members' roles (Member / Owner).

  • See list of Teams and their Metadata.

  • Upload Apps to MS Teams, with the ability to Block or Allow Apps.

  • Turn on/off external communication with Skype for Business and Teams users.

  • Create lists of allowed and disallowed external domains.

  • Control Guest Access (Allowed / Not Allowed), and manage settings for guests.

However, SphereShield's governance solution offers capabilities for a variety of scenarios and requirements, such as:

Creation and Ownership

  • Which Groups/Users are allowed to create Teams

  • Which Groups/Users are allowed to create Channels

  • Which Groups/Users are allowed to be Teams Owners

Adding users (internal and external) and permissions

  • Which Groups/Users are allowed to add users to Teams

  • Which Groups/Users are allowed to add Guests to Teams

  • Which Groups/Users are permitted Guest Access to other tenants

File Uploading

  • Which Groups/Users are allowed to upload files to OneDrive / SharePoint

  • Which Groups/Users are allowed to upload files to MS Teams


Data is an extremely important asset, if not the most valuable asset, for any company. The fact that employees, and sometimes guests, can access it and instantly share it on collaboration platforms such as MS Teams should raise a flag: a system is needed to control it and prevent any undesirable scenario. For regulatory (or internal policy) purposes, it may also be necessary to restrict file uploading capabilities to a limited number of users. In addition, you can save your tenant from future problems by establishing who can create teams and channels, avoiding Team/Channel clogging.


Governance for Co-Pilot

AI Monitoring

Auditing, mapping, and measuring your Co-Pilot usage. 

Data classification

Classify user input, source data and response for risk management. 

Data sensitivity

Identify and manage sensitive data such as PII, HIPAA, Finance  A

Data Protection

Implement predefined rules using company policies to mitigate AI risks. Prevent sensitive data from being exposed. 

Data taxonomy

Identify Usage (what the activity is: what the actor is doing or the action performed) and Topics (what the activity is about).

AI Governance policies

Enforce usage policies per group/user to ensure responsible AI usage.