Mar 16 2020
- last edited on
Feb 06 2023
To mitigate the risk of data exposure, is it recommend to still use a VPN connection, even if you are using Office 365's native desktop client apps on Windows 10?
Mar 17 2020 02:26 AM
Was it ever recommended? :) To mitigate data slippage scenarios, use DLP or AIP.
Mar 17 2020 02:58 AM - edited Mar 17 2020 02:59 AM
Mar 17 2020 08:40 AM
My bigger concern is how do I have absolute certainty that all traffic being passed from my clients (Azure AD Joined Windows 10 Pro clients, with BitLocker on, or iOS and Android devices) to the Office 365 cloud is done completely encrypted, from at rest to in transit, even when connected to a public WiFi hotspot (i.e. captive portals at coffee shops/airports) or an untrusted network (i.e. Verizon or Comcast's public WiFi, etc.)?
Mar 17 2020 09:01 AM
@OneTechBeyond I get where you are coming from, I just don't see a VPN being the answer. Typically you'd use things like Conditional Access to manage the risk accordingly when accessing resources from untrusted networks or devices. Then the is Microsoft Information Protection to apply protection if needed, like with Windows Information Protection or Azure Information Protection.
WIthout having to do anything, traffic is encrypted and other steps taken to protect Office 365 as mentioned here https://docs.microsoft.com/en-us/microsoft-365/compliance/office-365-encryption-risks-and-protection....