
Disabling OneDrive Access: A Step-by-Step Guide 


The seamless integration of OneDrive into the Microsoft 365 suite offers undeniable benefits for collaboration and file storage. However, there are scenarios where organizations might need to restrict access to OneDrive, especially when dealing with sensitive data or specific compliance requirements. If you’re looking to manage OneDrive access within your organization, this guide will walk you through the process of disabling it using Conditional Access Policies. 

How to Restrict Access 

To restrict access to OneDrive, you must first block SharePoint Online access. This can be achieved using Conditional Access Policies. To set up these policies, you need one of the following licenses: 

  • Azure Active Directory Premium P1 or P2 
  • Microsoft 365 Business Premium 
  • Microsoft 365 E3 or E5 
  • Enterprise Mobility and Security E3 or E5 

To create the policy, follow the numbered steps below.

Step 1:

In admin.microsoft.com, choose “Identity”  


Step 2: 

You will be directed to the Microsoft Entra Admin Center. On the left side, select “Protection,” then “Conditional Access,” and click on “Create New Policy.” 


Step 3: 

Give the policy a name, then select “Specific users included.” You can now specify which users to include or exclude from this policy.


Step 4: 

In the “Target Resources” section, choose the policy that applies to “Cloud Apps,” and then select “Office 365 SharePoint Online.”


Step 5: 

In the “Network” section, set the option to “Yes” to include all networks and locations.


Step 6: 

In the “Conditions” section, set “Device Platform” to “Any Device.” For “Cloud Apps,” select “Yes” and choose all clients as shown in the screenshot below.


Step 7: 

In the “Grant” section, select “Grant Access”.  


Step 8:

In the “Session” section, choose “Use app-enforced restrictions” and click on Select.  


Step 9: 

Change “Enable policy” to ON and click on “Create”.  
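
An added example, not part of the original guide or of any Microsoft tooling: once the policy from Steps 1 to 9 exists, its exported JSON can be checked against those steps to catch drift such as a report-only state or an exempted user. Property names follow the Microsoft Graph conditionalAccessPolicy resource; `audit_policy`, the sample policies and the placeholder object IDs are constructed for illustration.

```python
import json

SHAREPOINT_APP_ID = "00000003-0000-0ff1-ce00-000000000000"  # Office 365 SharePoint Online (Step 4)

def audit_policy(policy):
    """Return findings where an exported policy drifts from Steps 3-9."""
    cond = policy.get("conditions") or {}
    users = cond.get("users") or {}
    apps = (cond.get("applications") or {}).get("includeApplications") or []
    session = policy.get("sessionControls") or {}
    findings = []
    if policy.get("state") != "enabled":  # Step 9: report-only does not enforce
        findings.append(f"state is {policy.get('state')!r}, not enforced")
    if not (users.get("includeUsers") or users.get("includeGroups")):  # Step 3
        findings.append("no users or groups in scope")
    for key in ("excludeUsers", "excludeGroups"):  # exemptions to review
        if users.get(key):
            findings.append(f"{key} exempts {len(users[key])} principal(s)")
    if SHAREPOINT_APP_ID not in apps:  # Step 4
        findings.append("SharePoint Online is not a target resource")
    locs, plats = cond.get("locations"), cond.get("platforms")
    if locs and "All" not in (locs.get("includeLocations") or []):  # Step 5
        findings.append("limited to specific locations")
    if plats and "all" not in (plats.get("includePlatforms") or []):  # Step 6
        findings.append("limited to specific device platforms")
    if "all" not in (cond.get("clientAppTypes") or []):  # Step 6
        findings.append("not all client app types are covered")
    if not (session.get("applicationEnforcedRestrictions") or {}).get("isEnabled"):
        findings.append("app-enforced restrictions are not enabled")  # Step 8
    return findings

# Constructed sample export (placeholder object IDs, not real tenant data).
AS_GUIDE = json.loads("""
{"displayName": "Restrict OneDrive (sample)", "state": "enabled",
 "conditions": {
   "users": {"includeUsers": ["11111111-1111-1111-1111-111111111111"]},
   "applications": {"includeApplications": ["00000003-0000-0ff1-ce00-000000000000"]},
   "locations": {"includeLocations": ["All"]}, "platforms": {"includePlatforms": ["all"]},
   "clientAppTypes": ["all"]}, "grantControls": null,
 "sessionControls": {"applicationEnforcedRestrictions": {"isEnabled": true}}}
""")
# Constructed drift: report-only state, one exempted user, session control removed.
DRIFTED = json.loads(json.dumps(AS_GUIDE))  # deep copy of the sample
DRIFTED["state"] = "enabledForReportingButNotEnforced"
DRIFTED["conditions"]["users"]["excludeUsers"] = ["22222222-2222-2222-2222-222222222222"]
DRIFTED["sessionControls"] = None

if __name__ == "__main__":
    for name, pol in (("as guide", AS_GUIDE), ("drifted", DRIFTED)):
        print(name, "->", audit_policy(pol) or "matches Steps 3-9")
```

The check covers only the Entra policy object; it says nothing about settings on the SharePoint side.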


In conclusion, the seamless integration and collaborative power of OneDrive and SharePoint within Microsoft 365 are undeniable. However, maintaining control over sensitive information and ensuring compliance requires more than just default settings. AGAT Software’s SphereShield offers a robust solution to address these concerns, providing granular control and flexibility to manage file uploads, sharing, and access permissions across OneDrive and SharePoint.

With AGAT, you can prevent unauthorized access, enforce data segregation policies, and maintain strict compliance standards. Whether you need to restrict file uploads, prevent sharing between specific groups, or control site access, AGAT empowers you to tailor your security measures to your unique requirements. 

By implementing SphereShield, you can confidently leverage the benefits of OneDrive and SharePoint while safeguarding your sensitive data and ensuring regulatory compliance. Don’t let uncontrolled file access create risks for your organization. Take control with SphereShield and experience a secure, compliant, and collaborative environment. 


Ensuring Secure Collaboration with SphereShield Ethical Wall for Microsoft Teams

In today’s interconnected business environment, protecting sensitive information and ensuring secure collaboration is more critical than ever. Whether you are part of a large enterprise, a school, or a small business, maintaining control over communication and data sharing is essential. This is where the SphereShield Ethical Wall for Microsoft Teams comes into play, offering robust information barriers and dynamic policies to meet your needs. 

Understanding the Ethical Wall 

The SphereShield Ethical Wall provides comprehensive control over who can communicate with whom within your organization, using specific collaboration options. It allows administrators to apply policies on both external and internal users and groups, ensuring that sensitive information remains secure, and that communication complies with your organization’s regulations. 

Key Features of the SphereShield Ethical Wall 

1. Dynamic Policies: 

With SphereShield, you have granular control over communication based on groups, domains, and individual users. Policies are applied dynamically, adapting to the context of each communication, and providing flexibility and precision in enforcing rules.

2. Granular Policies: 

SphereShield allows you to control various types of communication, including direct messages, file sharing, screen sharing, audio, and video. This ensures that your organization can tailor policies to specific needs and scenarios. 

3. Policy Scopes: 

Policies can be applied to different scopes such as chat, channels, and meetings. Depending on the participant type (employee, external user, or guest), you can customize the level of access and interaction permitted. 

Typical Policies Implemented by the Ethical Wall 

Here are some common use cases where SphereShield Ethical Wall enhances security and compliance: 

  • Preventing HR from sharing files with non-HR members: Protect sensitive HR information by restricting file sharing to HR-only groups.
  • Blocking the Finance Group from uploading files: Ensure that financial data remains secure by preventing uploads to OneDrive, SharePoint, or Teams. 
  • Allowing only Teachers to create new Teams: In a school setting, restrict the creation of new Teams to authorized staff, ensuring proper management and oversight. 
  • Blocking communications between finance and research groups: Maintain confidentiality and prevent conflicts of interest by blocking interactions between specific departments. 
  • Blocking desktop sharing for specific groups: Control the sharing of screens to prevent unauthorized access to sensitive information. 
  • Allowing specific users/groups to communicate externally: Manage external communication by specifying which users or groups can interact with outside parties. 

Common Problems Solved by the Ethical Wall 

The SphereShield Ethical Wall addresses several critical issues, including: 

  • Blocking file sharing across the Microsoft environment: Prevent unauthorized distribution of sensitive files. 
  • Protecting user privacy: Ensure that personal information remains confidential. 
  • Restricting third-party or outsourced companies: Manage the level of access and communication with external partners. 
  • Notifying participants about policy rules: Keep users informed about the communication policies in place to ensure compliance. 

Complete Auditing and Reporting 

SphereShield provides thorough auditing and reporting features, allowing you to monitor and obtain information on any violation attempts. This is crucial for training and raising awareness among employees about the importance of adhering to communication policies. Administrators can receive real-time notifications when incidents occur, ensuring prompt response and resolution. 

Simple and Powerful Management 

The SphereShield Ethical Wall offers a user-friendly web interface for configuring rules, making it easy for compliance administrators to set up and manage policies. Once created, rules are automatically implemented with minimal delay, ensuring that your organization always remains secure. 

Covering All Microsoft Teams Scopes 

SphereShield Ethical Wall for Microsoft Teams comprehensively covers all communication scopes, including chat, meetings, and Teams & Channels. This ensures that all areas of communication within Microsoft Teams are secured and compliant with your organization’s policies. 

Deployment Options: SaaS or On-Premise 

SphereShield Ethical Wall offers flexibility in deployment, available as a SaaS solution requiring no installation, or as an on-premise installation within your DMZ or cloud environment (Azure, AWS, etc.). This ensures that you can choose the deployment method that best suits your organization’s infrastructure and security requirements. 

Conclusion 

In conclusion, the SphereShield Ethical Wall for Microsoft Teams is a powerful tool for ensuring secure collaboration and communication within your organization. With its dynamic and granular policies, comprehensive auditing and reporting, and flexible deployment options, SphereShield provides the control and security needed to protect sensitive information and comply with internal and external regulations. By implementing SphereShield, you can confidently manage communication interactions, prevent unauthorized data sharing, and maintain the integrity and confidentiality of your organization’s information. 



Decoding DLP: Real-Time, Near-Time, and At-Rest


In today’s digital landscape, data has become one of the most valuable assets for organizations worldwide. With the proliferation of cyber threats and the increasing regulatory requirements for data protection, safeguarding sensitive information has never been more critical. This is where Data Loss Prevention (DLP) comes into play. DLP encompasses a set of tools, policies, and processes designed to prevent the unauthorized access, transfer, or exposure of sensitive data. 

There are three primary types of DLP solutions: Real-time DLP, Near-time DLP, and At-rest DLP. Each type serves a distinct purpose and plays a crucial role in ensuring comprehensive data protection across various environments.

Distinguishing between real-time, near-time, and at-rest implementations is essential for devising effective security strategies. Each approach offers distinct advantages and addresses different stages of data processing and storage. Let’s delve into these differences and underscore the significance of real-time DLP, especially in the context of unified communication platforms like Teams and Webex. 

Real-Time, Near-Time, and At-Rest DLP: Explained 

Real-Time DLP:  

Real-time DLP operates instantaneously, analyzing data as it flows across networks or endpoints. This proactive approach enables immediate detection and prevention of unauthorized data transfers or leaks, mitigating potential security breaches in real-time. By continuously monitoring data in motion, real-time DLP provides swift responses to security incidents, bolstering the organization’s defence against evolving threats. 

Near-Time DLP:  

Near-time DLP, sometimes referred to as near real-time, involves the analysis of data with minimal delay after its creation or transmission. While not as immediate as real-time DLP, near-time DLP still offers timely detection and response capabilities, allowing organizations to identify and mitigate security risks shortly after they occur. Near-time DLP strikes a balance between real-time monitoring and processing efficiency, providing effective protection against data breaches without imposing significant overhead. 

At-Rest DLP:  

At-rest DLP focuses on safeguarding data that is stored or inactive. This approach involves scanning and securing data repositories, endpoints, and cloud storage to prevent unauthorized access or manipulation of sensitive information. At-rest DLP applies encryption, access controls, and data classification to ensure that stored data remains protected from external threats and insider risks. 

The Importance of Real-Time DLP 

Unified communication platforms like Microsoft Teams and Cisco Webex thrive on instant collaboration and information exchange. In such dynamic environments, real-time DLP emerges as a cornerstone of data security. Here’s why: 

Immediate Threat Mitigation:  

Real-time DLP enables organizations to swiftly detect and respond to security incidents as they unfold. By intercepting unauthorized data transfers or leaks in real time, organizations can prevent data breaches before they escalate, minimizing potential damages and mitigating risks to sensitive information. 

Continuous Monitoring:  

With real-time DLP, organizations benefit from continuous monitoring of data in motion across networks, endpoints, and cloud environments. This persistent surveillance ensures comprehensive coverage and visibility into data activities, allowing organizations to stay ahead of emerging threats and enforce data protection policies effectively. 

Enhanced Compliance:  

Real-time DLP helps organizations maintain compliance with regulatory requirements by enforcing data security policies in real time. By monitoring and controlling data flows, organizations can demonstrate adherence to data protection standards and mitigate the risk of compliance violations, protecting their reputation and avoiding costly penalties. 

Conclusion 

In conclusion, Data Loss Prevention (DLP) plays a vital role in safeguarding sensitive data across network, endpoint, and cloud environments. By implementing comprehensive DLP solutions, organizations can protect their valuable assets, mitigate the risks of data breaches, and ensure compliance with regulatory requirements. In the context of unified communication platforms like Microsoft Teams and Cisco Webex, DLP becomes even more critical, helping organizations maintain confidentiality, integrity, and availability of data in today’s interconnected and collaborative business landscape. 
