Current state of Session controls for Office 365?

Sergey Zelenov · ‎Jan 11 2019

I am a bit confused about the current state of activity controls in the public preview of Conditional Access App Controls for Office 365? The only one I have available in my tenant is 'Block Print' - which works reasonably well, but makes no practical sense combined with a lack of ability to prevent download of the same file:

Does this simply mean that that one control was made available to simply illustrate the potential use of the technology, and is not intended to be used for anything other than that at this stage? Or am I missing something?

Sergey Zelenov · ‎Jan 11 2019

@Tristan Watkins

Sergey Zelenov · ‎Jan 13 2019

Hi Sergey, happy to help you resolve this. Block download is possible in any app with session controls (the list of featured apps can be found here: https://docs.microsoft.com/en-us/cloud-app-security/proxy-intro-aad#supported-apps-and-clients). From your screenshots, it looks like download is not being blocked because a relevant policy is not triggered. To create a relevant policy for download controls, it should be of type "Control file download (with DLP)", in addition to the "Block Activities" policy you have created for Print. If you have any follow up questions, please reach out directly to me at alex.esibov@microsoft.com

Sergey Zelenov · ‎Jan 14 2019

Hi Alex - thanks for getting back to me!

Yes, it's the fact that two policies of different type rather than just one are required to achieve the desired effect that I missed. It is perfectly clear to me now.

Current state of Session controls for Office 365?

Current state of Session controls for Office 365?

Re: Current state of Session controls for Office 365?

Re: Current state of Session controls for Office 365?

Re: Current state of Session controls for Office 365?

Products (64)

Special Topics (44)

Video Hub (976)

Most Active Hubs

Most Active Hubs

Video Hub

Current state of Session controls for Office 365?