MDCA + OneDrive


Hello Community,

We're trying to understand MDCA + OneDrive for Business.

Contractors are connecting through a remote access solution, meaning contractors will have access to our data and can download it to their devices (unmanaged devices).

1. How can we detect this and block/encrypt the data?


2. Eventual external sharing capabilities

  • Block external sharing of highly confidential data?
  • Encrypt sharing confidential files?

2 Replies

I think you can create a session policy that detects download from unmanaged devices, something like this:

[Screenshot: xtlf_1-1690993028399.png]

In this case I'm using a sensitivity label that is already configured, and of course, I have some files marked with that label.
Of course, if you remove the filter, the action will apply to any unmanaged device.
For this to work, you must have the application covered by a Conditional Access Policy in AAD (in my case I'm applying it to SharePoint, but I think this is not a problem).

For the sharing, take a look at the policy template named "File shared with unauthorized domain" and play a bit with the filters. Under the governance actions you have several options to remove the share or remove collaborators. I never tested it anyway...

Thanks.
From the documentation under limitations, https://learn.microsoft.com/en-us/defender-cloud-apps/proxy-intro-aad, we can see that session policies are valid for files up to 50MB.
Inspection policies for information protection are valid for files up to 30MB in size and 1 million characters.
I would like to know what the behaviour will be if the file size is above 30MB.