Forum Discussion
Restricting client access to other Office 365 tenants
Good an bad there. Only works with your network as the accessing permiter. Off your LAN/VPN it doesn't help. Also you need Azure AD P1 licensing to use it. And there is overhead with SSL decryption, inject a header, and encrypt to send it on its way.
Currently Azure AD tenant restrictions is the way to accomplish this. Can you give an example of scenario where you would have to restrict access when your users are not on your network? Say for example that one of your employees work for a non profit or volunteers at a school that has O365, or they get invited by their kids to review their schoolwork on their school OneDrive. The only way to really accomplish that blocking would be to have your company laptops limit access in the local firewall (feature we dont have today to do what tenant restriction does but do it client side).
Brjann
- Azure AD Customer Success team
- tannerbriggsNov 09, 2018
Microsoft
Hi everyone,
Although not a complete solution, admins can configure Outlook client to prevent users from adding new accounts/profiles. This would stop employees from accessing other email services from the desktop client. However, OWA and other browser-based services would still be accessible without another control in place.
- ErFeb 26, 2019Copper Contributor
how to block non-business tenant outlook access (eg. Hotmail)?
- Dean_GrossFeb 26, 2019Silver ContributorOne way to keep people from access Software as a Service systems like Hotmail, is with Cloud App Security. It can be used to prevent access to thousands of different apps like this.