Forum Discussion
Limit the number of files/ total sizes can be downloaded by user per hour in Sharepoint Online?
In Sharepoint Online, I want to avoid that users could download or copy the full content of a library or a site he has access to. The goal is to avoid that before leaving the company an employee download all documents he has access to before working for a competitor.
Finally, let say I want to limit the number of files and total sizes that users can download per hour or per login time ?
Do we have any solution to reach those goals? or any suggestions/keywords I did try to research but no luck. Much appreciated your help.
Duy_Nguyen_Duc
This is going to be a challenge.
The most robust solution is to ensure all documents are encrypted when they are downloaded. This requires a serious amount of work and appropriate licenses.
You may want to look at the capabilities of Conditional Access to impose "download" limits. Again, the use of Conditional Access has license constraints and requires effort to implement.Does your company allow use of OneDrive for Business client?
If so, that makes things even harder. The "user" can then simply accumulate all documents on a local machine using OneDrive client. If the documents are not encrypted they can be simply opened, copied, ...
Summary: blocking all options is going to be hard.
PaulThanks Paul. I know it's quite hard because I also try to do some research but there is no comprehensive solution. Lemme have a look at Conditional Access to see if it has anything that can adapt to our requirements or even a part of them.
- Though not exactly what you want to do, there are a few options to consider.
First, on any given site, you can prevent downloading or syncing entirely. This might be a good idea on sites where you have sensitive information. https://support.microsoft.com/en-us/office/prevent-users-from-downloading-content-from-a-site-98821ec7-cc99-4393-a002-f73370ba6694.
Another is to use a compliance alert to get notified when a large number of files are downloaded at the same time. This isn't a perfect solution, but it may address your goal of identifying if someone tries to copy the entire library that they have access to at one time. https://docs.microsoft.com/en-us/microsoft-365/compliance/alert-policies?view=o365-worldwideSusanHanley
Thanks Susan for your recomendation.In fact, we build a document management system using Share Point Online framework. We have a permission matrix to control which files people can view, edit, delete. It means we still want to give users rights to read or download not prevent them but we want to limit them to mitigrate the risks.
We also are going to monitor surge traffic and alert to admin but it's a solution to deal with the consequences not prevent them.
