Forum Discussion
Blocking download files with sensitive data from desktop client Apps on non-domain joined systems
What is the best way to block downloading files with sensitive data on to non-domain joined personal desktops using desktop client apps (Outlook, One Drive, Teams...). Using Conditional access po...
Hi,
Session policies don’t support mobile and desktop apps. Mobile apps and desktop apps can be blocked or allowed by creating an access policy.
However access policies do not allow block of download.
You can use this link to block download via a SharePoint policy
https://docs.microsoft.com/en-us/sharepoint/control-access-from-unmanaged-devices.
Thx,
Shlomi
Session policies don’t support mobile and desktop apps. Mobile apps and desktop apps can be blocked or allowed by creating an access policy.
However access policies do not allow block of download.
You can use this link to block download via a SharePoint policy
https://docs.microsoft.com/en-us/sharepoint/control-access-from-unmanaged-devices.
Thx,
Shlomi
Thank you Shlomi,
We have already applied this settigns. However, we don't want to block all downloads, just want to restrict downloading sensitive data onto non-domain joined PCs ( personal PCs).
Hi,
what are you considering as sensitivity data?
is it based on information protection labels, PII, PCI data?
Thx,
Shlomi
- Have you tried using session policy, configured to trigger for non domain joined devices or no compliant devices and trigger a block download based on DLP?