cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 

Using MCAS to block file upload to SharePoint Online based on (external) file property?

Petri Helin
Copper Contributor

‎Mar 08 2021 01:34 AM

‎Mar 08 2021 01:34 AM

Using MCAS to block file upload to SharePoint Online based on (external) file property?

Hi,

With MCAS (by file policy or by Conditional Access App Control), would it be possible to act on single file if specific file property matches search criteria? E.g. if any value  in multivalued property "Tags" in Office file matches "testtag01" or if any value  in multivalued property "Keywords" in PDF file matches "testtag01". I've tried with O365 DLP, but with traditional Office 365 DLP issue is that those properties are not indexed in SharePoint search index by default and therefore DLP wont detect those.

 

4,416 Views
1 Like
4 Replies
Reply
4 Replies
jurowley

‎Mar 08 2021 05:44 AM - edited ‎Mar 08 2021 05:46 AM

‎Mar 08 2021 05:44 AM - edited ‎Mar 08 2021 05:46 AM

Re: Using MCAS to block file upload to SharePoint Online based on (external) file property?

@Petri Helin I think you'll probably need an Activity Policy for this. You can create an Activity Policy to match anything in the "Activity Object" field of the Activity Log entry. If the specific property you're interested in auditing isn't listed there, you can create a Service Ticket with Support to add any of the "Raw Data" fields we pull from O365. But it sounds like the specific property you're after isn't audited at all by SPO so I doubt you will find it in the Raw Data field of the Activity Log entry. I think you'll want to petition SPO to start auditing for the API Object and then MCAS to start calling for it - but I'm not entirely sure, frankly. Definitely wouldn't be a Session Policy (CAAC) and I couldn't find anything seemingly relevant for a File Policy. 

 

jurowley_0-1615210942067.png

 

1 Like
Reply
Petri Helin

‎Mar 08 2021 10:46 PM

‎Mar 08 2021 10:46 PM

Re: Using MCAS to block file upload to SharePoint Online based on (external) file property?

Ok, thank you for your comments @jurowley. I find it quite odd that you cannot filter by file properties in File Policies :(
0 Likes
Reply
jurowley

‎Mar 09 2021 05:45 AM

‎Mar 09 2021 05:45 AM

Re: Using MCAS to block file upload to SharePoint Online based on (external) file property?

@Petri Helin - you can filter by properties of the file. For example, you can create a File Policy that matches a file that's externally shared, when it was last modified, the mime type, file type, file name, etc. You can even filter by labels. 

 

jurowley_0-1615297378385.png

 

Does this answer your question? 

0 Likes
Reply
jurowley

‎Mar 09 2021 05:49 AM

‎Mar 09 2021 05:49 AM

Re: Using MCAS to block file upload to SharePoint Online based on (external) file property?

I'm not sure what you mean when you say, "if any value in multivalued property 'Tags' in Office file matches 'testtag01' or if any value in multivalued property 'Keywords' in PDF file matches 'testtag01'".
0 Likes
Reply