Apr 27 2023 10:26 AM
Hi Team.
I have the following requirement:
- Block download files un Microsoft 365 clients (Microsoft Outlook and Teams).}
For Web Apps is ready.
I create Conditional Access policy for use conditional access app control and create Microsoft Defender for Cloud Apps policy for sessión control file download.
Any file in Outlook Web or Teams Web cannot download file.
But policy cannot work in clients (Microsoft Outlook client or Teams client)
How can I apply the document download block on clients?
Thanks,
Apr 27 2023 10:42 AM
@CarlosMorales session controls are only applicable for browser sessions today. Some use cases can be accomplished on managed devices through the use of Endpoint DLP.
Apr 27 2023 01:22 PM
Apr 27 2023 01:31 PM
@CarlosMorales what most customers will do in this scenario is block access to native clients on unmanaged devices using a CA policy then force traffic to browser so it can be monitored and controlled by a session policy
Apr 27 2023 01:39 PM
Apr 27 2023 01:57 PM
Solution@CarlosMorales you would also need to include unmanaged devices, this can be done through a device filter something like this.
Then create a separate CA policy to enable session controls for the browser based users
Apr 27 2023 01:57 PM
Solution@CarlosMorales you would also need to include unmanaged devices, this can be done through a device filter something like this.
Then create a separate CA policy to enable session controls for the browser based users