We are in the process of moving to O365 and SharePoint online (SP). Since out SP site contains PHI and also functions as our Intranet, we want to restrict the access to only users that are connected to their VDI desktop. We don't want to have users connecting to our SP from home or anywhere else.
We have Azure AD Connect and Okta in place. Okta has a way to restrict the IP space if the app knows about Okta and we have done this. However, I can still access SP from home.
I am sure that we are not the first to request this.