Under Device access in the OneDrive Admin Center, you can configure additional security restrictions, as shown in the following screenshot:
Let's take a look at what these security restrictions do:
- Control access based on network location: Use this option to specify networks that OneDrive can be accessed from. If you're specifying your corporate network, be sure to include all of your public addresses. If you lock yourself out, you will need to contact support to regain access.
This setting will affect access to SharePoint Online, as well as any other services that require access to SharePoint Online, such as Microsoft Teams.
- Allow access from apps that don't use modern authentication: This can be used to enable or disable access from third-party applications, as well as older versions of the OneDrive for Business synchronization client.
Under Mobile application management, you will find additional policy options that apply to mobile devices:
SETTING | OPTION |
Block downloading files in the apps | On/Off |
Block taking screenshots in Android apps | On/Off |
Block copying files and content within files | On/Off |
Block printing files in the apps | On/Off |
Block backing up app data | On/Off |
Require app passcode | Number of attempts before the app is reset (numeric value) Passcode length (numeric value) Require complex passcode (On/Off) Allow a fingerprint instead of a passcode (iOS only) (On/Off) |
Block opening OneDrive and SharePoint files in other apps | On/Off |
Encrypt app data when the device is locked | On/Off |
Require Office 365 sign-in every seven days | On/Off |
Minutes to verify user access after |
Number |
Days to wipe app data after | Number |