Forum Discussion
Solved
Restricting access based on location
Our customer has a requirement to block access to their data for anyone outside of the country. At the moment they do this by forcing users with company supplied mobile devices to hand them back to t...
Well, how do you define "outside of the country" in this scenario? If based on IP (geo-tagging), you can certainly use Conditional access by adding work locations/trusted IPs. Of course this information can be incorrect in some cases. But you can also combine Conditional access with MFA enforcements and make sure that the "authentication phone" is one that can only be dialed in the home country (no roaming).
But in general there is no "restrict by country" setting you can use.
I'm curious, what is the basis for that type of requirement?
- I believe they've interpreted a legal requirement for data sovereignty as meaning no-one outside the country can access the data. Not sure how accurate that interpretation is.
