Owen,
On the conditional access per site collection: in a regulated environment, like Healthcare, there are certain types of information, like PHI, that we only want accessible from approved devices. Therefore, for a site collection where they may want to collaborate on information containing PHI, you would want to restrict based on the IP of certain companies, domain-approved devices, or Intune-managed devices. This would include not being able to access the content from personal devices. However, for other site collections, one may want to allow personal device collaboration and broader external collaboration, like, say, one was collaborating on building plans or a community program. Right now, Azure AD Conditional Access would cover the broader access to a service offering, such as SharePoint or Power BI. What is needed at the SharePoint level is control at the site collection level, like we have sharing control at the site collection level (i.e., some site collections can be externally shared and others not).