How to block point-to-point file transfers in Skype for Business using PowerShell


There are situations where you want to block P2P file transfers to people outside the organization during a video conference meeting. You’ll need to issue a global policy.

Image: iStock/AndreyPopov

Users of the online version of Microsoft 365 are well aware that Skype for Business has been incorporated into Microsoft Teams and is, therefore, not a separate standalone application anymore. However, that does not mean that Microsoft 365 administrators cannot control certain aspects of Skype for Business using PowerShell commands. In fact, in some cases, it may be a necessity.

SEE: Checklist: Securing digital information (TechRepublic Premium)

Depending on your business, there may be situations where you would like to prevent point-to-point file transfers of sensitive materials or data during a Microsoft Teams session to parties existing outside the organization. At the same time, you would like to allow point-to-point internal file transfers. Configuration settings in Microsoft Teams, and by extension Skype for Business, are not granular enough to allow for this contingency, but it is possible with PowerShell scripts.

This how-to tutorial shows you how to use PowerShell commands to change point-to-point (P2P) file-transfer settings for meetings using Microsoft Teams and Skype for Business.

How to block point-to-point file transfers in Skype for Business

To achieve our stated goal of allowing file transfers during meetings for internal members of the organization but disallowing file transfers involving meeting participants external to the organization, we will be issuing commands to assign general conference policies for each group.

SEE: 10 PowerShell cmdlets you can use instead of CMD commands (TechRepublic)

Note the commands involved are only valid in PowerShell version 3.0 or higher. To check your version of PowerShell, right-click the Start button on a Windows 10 desktop and select Windows PowerShell (Admin) from the context menu. At the prompt, type “Get-Host” and note the version number, as shown in Figure A.

Figure A

a-block-file-transfers-skype.jpg

If you are not using PowerShell 3.0 or better, you will have to update and install the latest version.

You will also need to install the Windows PowerShell module for Teams. From the command prompt of Windows PowerShell (Admin), type “Install-Module MicrosoftTeams” and answer “Y to all” to install it, as shown in Figure B.

Figure B

b-block-file-transfers-skype.jpg

With the module installed, you are now ready to start a Windows PowerShell session and connect to Microsoft 365 to issue policy commands. To connect to Microsoft 365, type or paste in this command script at the Windows PowerShell (Admin) prompt:

Import-Module -Name MicrosoftTeams

 $credential = Get-Credential

 $session = New-CsOnlineSession -Credential $credential

 Import-PSSession $session

You will have to provide administrative-level credentials. Figure C shows you what to expect once the session begins.

Figure C

c-block-file-transfers-skype.jpg

By default, the configuration EnableP2PFileTransfer is enabled as a standard part of an organization’s global policy. To allow P2P transfers for inside your organization but block external file transfers outside your organization, you need to change the settings at a global level. This following command will accomplish this task:

Set-CsExternalUserCommunicationPolicy -EnableP2PFileTransfer $False

Once that command is entered at the command prompt, the new policy goes into effect. To change it back to the default policy, change $False to $True in the command line and run it again. Close Windows PowerShell to complete the change. Keep in mind this is a global policy and will affect all users associated with your organization’s Microsoft 365 instance.

This configuration setting will be useful for organizations dealing with private customer data, protected intellectual property, or operating under strict compliance regulations. In many cases, a written policy forbidding P2P transfers by users may not be good enough to secure sensitive data. Technology-based restrictions may be required in those instances.

Also read:



Source link