Forum Discussion

Junaid Ahmed's avatar
Junaid Ahmed
Copper Contributor
May 11, 2019

Is it possible to block uploading unclassified file on OneDrive for Business

Hi Fellows,

 

Cloud App Security promises to automatically classify files uploaded to Cloud app such as OneDrive for Business. However I have a customer with business requirement to not allow users be able to upload files on OneDrive for Business unless files are pre-classified using AIP.

 

Additionally, if possible, files classified with label 'Confidential' should be blocked. Only files which are classified as 'Public' should be allowed.

 

Is it possible using Cloud App Security? Has any one experienced such scenario?

 

I can see there is a "Block upload based on real-time content inspection" action available in Cloud App Security > Session Policy. However I am not able to create a conditional access policy (which is pre requisite for creating Cloud App Security Session Policy https://docs.microsoft.com/en-us/cloud-app-security/proxy-deployment-aad#add-azure-ad). OneDrive for Business is not available in the list of cloud apps while creating Conditional Access. I am following this link https://docs.microsoft.com/en-us/cloud-app-security/proxy-deployment-aad#add-azure-ad

  • HolgerSepago's avatar
    HolgerSepago
    Copper Contributor
    Hi Ahmed,

    I'd like to jump on the bandwagon. In my usecase, documents with a specific label aren't allowed to be uploaded to OneDrive and I can't figure out how this might work.

Resources