Items within Hubs respect limitations introduced through information barriers.
When you create an information barrier , you can specify the users and Hubs that belong to specific segments. Information is available on how to add Hubs to existing information barriers.
Notes:
- If a user creates a Hub and is already in an information barrier (IB) segment, that Hub is automatically added to the segment.
- If a Hub belongs to an IB segment, it can include:
- Content from that segment and non-segmented content
- Users from permitted segments and non-segmented users
- If a Hub does not belong to an IB segment, it can only include non-segmented content, but it can be shared with segmented users.
End user experience
When information barriers are enabled, end users:
- Cannot share Hubs if it would violate a segment restriction.
- Cannot access a Hub via a public shared link.
- Cannot upload content to a Hub outside their information barrier segment.
End users can join and access Hubs that do not belong to any information barrier segment, as well as Hubs whose segment is permitted to interact with their own.
When creating a Hub, it is automatically added to the user’s information barrier segment if they belong to one.
Information barrier restriction requirements
Collaboration with Hubs in an information barrier:
Collaborations are blocked or removed if a user belongs to a segment that does not have access to the Hub’s segment.
Group collaborations are blocked or removed if any user in the group belongs to a segment that does not have access to the Hub’s segment.
Shared links to Hubs:
Users accessing Hubs via a shared link go through a live information barrier check. If they do not have access, they are blocked from viewing the Hub and its content. Anonymous users are exempt from this check because they do not belong to a segment.
Item association to Hubs:
- For a Hub in a segment, an item can only be added if the item owner:
- Is in the same segment as the Hub, or
- Is not in any segment
- If the Hub is not in a segment, only items owned by users who are not in any segment can be added. Otherwise, the item cannot be added or will be removed.
Violations of the information barrier
When information barriers are enabled, collaborations that cause a violation are automatically removed. For example:
- The Hub belongs to Segment A and is shared with User B. User B belongs to Segment B. If the segments cannot interact, User B is removed from the Hub.
- The Hub belongs to Segment A and is shared with Group B. Group B includes a user from Segment B. If the segments cannot interact, Group B is removed from the Hub.
If content in a Hub violates information barrier rules, it is removed. For example:
- The Hub does not belong to a segment but contains content that belongs to a segment. That content is removed.
- The Hub belongs to Segment A but contains content owned by a user from Segment B. If the segments cannot interact, that content is removed.
When content ownership changes from a non-segmented user to a segmented user, any violating collaborations are automatically removed. This does not apply to Hubs, as Hubs do not have owners. Any changes to a Hub’s segment require a manual change in segments .
View violations of the information barrier setup
- Navigate to the Admin Console.
- Select Shield.
- Select the Information Barrier tab.
- Click Run Collaboration Report.
More information about this report is available in Collaboration Reports .
An error message appears next to each row if a Hub was deleted and no longer exists.
Add Hubs to existing information barriers
Information on adding Hubs to information barriers is available in creating an information barrier user segment .
View the number of Hubs
- Navigate to the Admin Console.
- Select Shield.
- Select the Information Barrier tab.
- Click View Details.
- The segment name and number of items are displayed.
- Hover over the i next to Items to see the number of Hubs.