Forum Discussion

Dan_Snape's avatar
Dan_Snape
Bronze Contributor
May 30, 2017
Solved

Restricting access based on location

Our customer has a requirement to block access to their data for anyone outside of the country. At the moment they do this by forcing users with company supplied mobile devices to hand them back to t...
information protection and governance
microsoft information protection
  • VasilMichev's avatar
    VasilMichev
    May 31, 2017

    Well, how do you define "outside of the country" in this scenario? If based on IP (geo-tagging), you can certainly use Conditional access by adding work locations/trusted IPs. Of course this information can be incorrect in some cases. But you can also combine Conditional access with MFA enforcements and make sure that the "authentication phone" is one that can only be dialed in the home country (no roaming).

     

    But in general there is no "restrict by country" setting you can use.

VasilMichev's avatar
VasilMichev
MVP
May 31, 2017

Well, how do you define "outside of the country" in this scenario? If based on IP (geo-tagging), you can certainly use Conditional access by adding work locations/trusted IPs. Of course this information can be incorrect in some cases. But you can also combine Conditional access with MFA enforcements and make sure that the "authentication phone" is one that can only be dialed in the home country (no roaming).

 

But in general there is no "restrict by country" setting you can use.

Resources