how to prevent users from login to their personal office365 account?

Occasional Contributor

hi,

 

just wondering if anyone can share how they prevent their users from login to their personal office 365 accounts? 

 

especially for services such as onedrive, outlook...

 

6 Replies

Use the "block sign-in" option in the O365 portal?

thanks. How does this prevent user from login to their personal account when they are in the company network? 

Well it helps when you give more than a one-line description of the issue. If by personal you mean their own O365 subscriptions or in general any "non-company" O365 tenant, you can use the "tenant restrictions" feature: https://docs.microsoft.com/en-us/azure/active-directory/active-directory-tenant-restrictions

Tenant restrictions prevent users from logging into other business tenants, but there doesn’t seem to be a way to prevent users from logging into their personal outlook accounts (e.g. hotmail).

 

We can block personal OneDrive by blocking specific live.com endpoints, but that doesn’t work for Outlook.

 

Does anyone know how to block our business users from logging into their personal (eg non business tenant) Outlook and creating a data leakage concern?

 

You can use a regkey or via GPO to restrict adding any further accounts in outlook!

 

Furthermore you can utilize  IRM , AIP and conditional access to restrict forwarding, download, copy / paste, device and location restriction etc. to further enhance your security

 

Adam

@adam deltinger Do you know if there has been any updates to this?  I'm trying to find a simple way of restricting domain sign in so a user cant sign into their hotmail account from a company machine.