Our organisation is migrating over to Office 365, but have had a concern raised by a user who has realised that it is possible for them to access the Web versions of 365 by logging in with their personal account. We deal with a significant amount of confidential data, and want to minimise the opportunity this issue would provide for the accidental or deliberate sharing of confidential data outside of our environment.
Is there any way we can block our users from signing in with their personal 365 accounts? We cannot block the URL of the login website, as this would interfere with our own single sign-in process and make 365 inoperable on our work accounts.
In addition, are there any other GPOs that can be used to block signing in to local apps with a personal account? I have been able to prevent signing in to Outlook, but the same GPO has unfortunately not extended to Teams. Is there another GPO that I have missed? The GPO we're currently using is 'User Configuration > Policies > Administrative Templates > Microsoft Office 2016 > Miscellaneous > Block signing into Office' and setting it to Org ID