Hello,
About Site and Group Settings: if the plan is to use them to allow or limit access from unmanaged devices, it would be good to:
1. Allow disabling the "Incompatible sensitivity label detected" messages;
2. Remove the "None" option, so only an existing Sensitivity label can be applied, or allow setting a Default sensitivity label in the SharePoint Online Template for new sites, so users cannot create a site without a Sensitivity label;
3. Work with the OneDrive team & integration. Right now, to enable a Sensitivity label per site, the general SharePoint Admin Access Control policy must be changed to "Allow full download". If in the past the company strategy was to limit access from unmanaged devices, this new solution forces us to disable this setting and set it back to "Allow full download". Nothing is documented about it, and if we disable this setting and set it back to "Allow full download", this disables the existing Conditional Access policies created before by this setting;
4. Explain the configuration in more detail; I have a feeling that the Conditional Access policy explanation is missing in all documents about SharePoint sites with Sensitivity labeling;
5. The SharePoint Sensitivity labeling solution must follow the logic of the data classification. If the organization deployed, for example, 10+ Sensitivity labels and built internal Data Classification documentation in the past, and now we try to integrate something regarding SharePoint site labeling... it makes it a little bit confusing for end users.