Apr 26 2020
- last edited on
Feb 19 2021
I have enabled the sensitivity labels preview described here and set up a group that is blocking unmanaged devices: https://docs.microsoft.com/en-us/microsoft-365/compliance/sensitivity-labels-teams-groups-sites?view...
The goal is to block access to files in certain groups from unmanaged devices, while still allowing access to Teams for communication purposes. This works perfectly, albeit it would make sense to also block the Teams channel associated with a group that blocks unmanaged devices.
The issue remaining is that images are embedded into chat messages. So even though the image is uploaded to the "Files" folder on the group's sharepoint site, the image in the chat message is being hosted somewhere else that still allows the unmanaged device access. Presumably with the text chat messages. Some of our teams produce infographics and maps that we cannot allow to be viewed on an unmanaged device. Is there a way to block embedded pictures at the tenant or group/channel level so it just provides the sharepoint link as if it were a pdf file?
Apr 27 2020 11:10 AM
Apr 27 2020 04:55 PM
Yeah we'll have to go with #1 I think. Blocking Teams from certain groups and largely cutting off their communications from other segments of the company wouldn't fly. Hopefully we can block Teams channels from unmanaged devices by sensitivity label at some point.