Jul 14 2021 10:17 PM
I wish to block upload of documents to Other Office 365 tenant on a managed device?
Can this be achieved using MCAS
Jul 29 2021 07:05 AM
Jul 29 2021 10:08 PM
Jul 30 2021 01:59 AM
Do you mean sharing documents with other tenants? because upload means they already have access to those tenants as guests maybe and the other tenants should take the action from their sides not yours.
If you're talking about sharing files with another domains/tenant, as i know you can get prevent that using a File Policy in MCAS
Also you can use entire organization instead of Any Any from domain.
Cheers,
Jul 30 2021 02:24 AM
Jul 30 2021 02:43 AM
Jul 30 2021 03:34 AM
for what a list of millions of domains needed to? Instead of contain we can use do not contain.
Jul 30 2021 04:13 AM
@MZyarah I think we are both wrong. That file policy doesn't even apply to uploads, it's a sharing policy.
And I may be wrong, but I believe a collaborator is defined as a user that has been given explicit access to the data. If the user is not a collaborator, the filter would not apply.
For the policy to work, every file shared would have to be explicitly shared to specific users. If a file is shared without specifying the users it's intended to be shared with, the policy would not apply.
Crucially, that policy does not appear to have any baring on upload of data, because uploading a file is not defined as sharing a file. The file policy in question is specifically a sharing policy - that means it has to be shared - upload does not trigger a sharing policy.
Jul 30 2021 04:14 AM
Jul 30 2021 04:28 AM
Jul 30 2021 04:40 AM
Jul 30 2021 05:07 AM
This is not even related to uploading or sharing files, if you don't want your corporate devices access to other tenants you need to use Azure AD tenant restrictions, take a look here.
I hope this will be helpful.
Jul 30 2021 06:01 AM
Jul 30 2021 06:03 AM - edited Aug 01 2021 04:26 PM
What if all data is encrypted? What happens to sharing or uploading or any other means of exfiltration?
Sharing, uploading, it doesn't matter if the data is encrypted and only corporate devices can be used to authenticate so they can access the data.
Jul 30 2021 07:41 AM
Aug 01 2021 04:25 PM