Restrict Access to Site

shocko · ‎Sep 27 2021

I'm using Sharepoint Online (SPO) with M365 E5 licenses. Our company is very risk adverse. Currently we restrict access to SPO using AzureAD conditional access and restrict to our corporate IP address range. We now have a use case to allow usage of one site from outside this range by organizational accounts (non-guest users). This site is not using Power Platform integrations like Power Automate etc. I'm wondering how I can accomplish this? The site that we require to be used from Outside the corporate network is accessed by users who also use other sites that we want restricted to the corporate network.

Since AzureAD conditional access works at the Office365 level I can't see how that can be used.
SPO seems to have it's own Network Access policy but this applies at the SPO level and not site level. Is it possible to override this at a site level?

Juan Carlos González Martín · ‎Sep 27 2021

Take a look at Sensitivity Labels applied to container + authentication context with Conditional Access

shocko · ‎Oct 15 2021

Do sensitivity labels not only apply to MS document types though?

ChristianJBergstrom · ‎Oct 16 2021

No, you can use them on containers now as well (groups, sites) and with the Authentication context (in preview) you can be granular in a way you previously couldn't. So connect the context with conditional access policy and add it to your sensitivity label/s, or even use them with MCAS if you want to go that way.

https://docs.microsoft.com/en-us/microsoft-365/compliance/sensitivity-labels-teams-groups-sites?view...

https://docs.microsoft.com/en-us/azure/active-directory/conditional-access/concept-conditional-acces...

Restrict Access to Site

Restrict Access to Site

Re: Restrict Access to Site

Re: Restrict Access to Site

Re: Restrict Access to Site

Products (50)

Special Topics (27)

Video Hub (462)

Most Active Hubs

Most Active Hubs

Video Hub

Restrict Access to Site