<div>
You will want to use tenant restrictions. See blog post <a href="https://techcommunity.microsoft.com/t5/Azure-Active-Directory-Identity/New-enhanced-access-controls-in-Azure-AD-Tenant-Restrictions-is/ba-p/245194" rel="ugc">here</a> and the documentation <a href="https://docs.microsoft.com/en-us/azure/active-directory/manage-apps/tenant-restrictions" rel="ugc">here</a>.
</div>


You will want to use tenant restrictions. See blog post here [https://techcommunity.microsoft.com/t5/Azure-Active-Directory-Identity/New-enhanced-access-controls-in-Azure-AD-Tenant-Restrictions-is/ba-p/245194] and the documentation here [https://docs.microsoft.com/en-us/azure/active-directory/manage-apps/tenant-restrictions].

IT_Admin 0723

IT _Admin0723

<div>
@learnctx - thank you for the input - would this work/or can be combined in parallel with our current proxy solution (for instance Zscaler).<br />
@Vasil - thank you for the input - we actually have the allowtenantlist enabled and for some reason it still doesn't restrict to our tenant only.
</div>


@learnctx - thank you for the input - would this work/or can be combined in parallel with our current proxy solution (for instance Zscaler).
@Vasil - thank you for the input - we actually have the allowtenantlist enabled and for some reason it still doesn't restrict to our tenant only.

<div>
<blockquote>
@learnctx - thank you for the input - would this work/or can be combined in parallel with our current proxy solution (for instance Zscaler).
</blockquote>
<br />
Yes it should do. As long as your proxy can:<br />
<br />

<ul>
<li>Perform SSL interception</li>
<li>HTTP header insertion</li>
<li>Filter destinations using FQDNs/URLs.</li>
</ul>
</div>


> @learnctx - thank you for the input - would this work/or can be combined in parallel with our current proxy solution (for instance Zscaler).


Yes it should do. As long as your proxy can:


 * Perform SSL interception
 * HTTP header insertion
 * Filter destinations using FQDNs/URLs.

<div>
<div class="content wysiwyg-content">
Hi team,<br />
In the process of migrating to Office 365, we have Zscaler tenant restrictions enabled but for some reason we can still access a 3rd party user's one drive and was able to upload and download files to/from it. Is there a way to block the access to 'other' OneDrive accounts on our corporate network?<br />
<br />
Any thoughts would be greatly appreciated.<br />
<br />
Thanks!
</div>
</div>


Hi team,
In the process of migrating to Office 365, we have Zscaler tenant restrictions enabled but for some reason we can still access a 3rd party user's one drive and was able to upload and download files to/from it. Is there a way to block the access to 'other' OneDrive accounts on our corporate network?

Any thoughts would be greatly appreciated.

Thanks!

Not Allowing Access to Other OneDrive Accounts on our Corporate Network

Office 365 is a group of software plus services subscriptions that provides productivity software and related services to its subscribers. Office 365 allows the use of Microsoft Office apps on Windows and OS X, provides storage space on Microsoft's cloud storage service OneDrive, and grants 60 Skype minutes per month. Office 365 includes e-mail and social networking services through hosted versions of Exchange Server, Skype for Business Server, SharePoint and Office Online, integration with Yammer, as well as access to the Office software. All of Office 365's components can be managed and configured through an online portal; users can be added manually, imported from a CSV file, or Office 365 can be set up for single sign-on with a local Active Directory using Active Directory Federation Services.

Microsoft 365

Microsoft OneDrive (formerly SkyDrive) is a file hosting service and synchronization service operated by Microsoft as part of its web version of Office. First launched in August 2007, OneDrive allows users to store files and personal data like Windows settings or BitLocker recovery keys in the cloud, share files, and sync files across Android, Windows Phone, and iOS mobile devices, Windows and macOS computers, and the Xbox 360, Xbox One, and Xbox Series X and S consoles. Users can upload Microsoft Office documents to OneDrive.

OneDrive

Security is the protection of information systems from theft or damage to the hardware, the software, and the information on them, as well as from disruption or misdirection of the services they provide. The main goal of security is protecting assets, and an asset is anything of value and worthy of protection.  Information Security is a discipline of protecting information assets from threats through safeguards to achieve the objectives of confidentiality, integrity, and availability or CIA for short. On the other hand, disclosure, alteration, and disruption (DAD) compromise the security objectives.