Forum Discussion
Block Sensitive Data Upload to External SharePoint Online Tenants
We need to block the ability of Users, who are serving the notice period, to upload any Confidential labelled documents to external SharePoint Online Tenants. What is the best way to do this please?
Thank you, I will onboard a device, try and come back.
Hi Dean, I tried to create a policy and can see the option for allowed/blocked Service domains. If I add the following two to allowed service domains, will it mean that sensitive documents will be allowed to uploaded to these two portals and except these two they wont be able to upload to other Sharepoint domains?
techs.sharepoint.com village.sharepoint.com sorry for jump in the conversation.
You want to create a different restriction to those domains? if yes, you should enter those domains on Sensitive Restriction Groups to give another permissions. But if you only define those domain in allowed service domain, that doesn't meant user wont be able to upload sensitive data to another sharepoint except those two. You still should define the service domain that you want to be block.
Are you looking for solution specific to Defender for Cloud apps, or?
Yes it is possible, else I can look for other options. Please suggest
I would do this with an Endpoint DLP policy
Thanks Dean, do you mean the endpoint DLP policy? I don't have machines on boarded in purview at the moment
