I want to apply DLP organization wide. I tried using Endpoint security from Seqrite but somehow it does not have the option to block uploads via Microsoft Teams.

Pankaj Garg 0 Reputation points
2023-09-27T07:05:54.4+00:00

I want to apply DLP organization wide. I tried using Endpoint security from Seqrite but somehow it does not have the option to block uploads via Microsoft Teams. How can I bind MS Office account to Laptop device so that no user can login from their account or block uploads from Microsoft teams.?

Microsoft Purview
Microsoft Purview
A Microsoft data governance service that helps manage and govern on-premises, multicloud, and software-as-a-service data. Previously known as Azure Purview.
1,182 questions
Microsoft Intune Configuration
Microsoft Intune Configuration
Microsoft Intune: A Microsoft cloud-based management solution that offers mobile device management, mobile application management, and PC management capabilities.Configuration: The process of arranging or setting up computer systems, hardware, or software.
1,899 questions
Microsoft Intune
Microsoft Intune
A Microsoft cloud-based management solution that offers mobile device management, mobile application management, and PC management capabilities.
5,086 questions
Microsoft Entra ID
Microsoft Entra ID
A Microsoft Entra identity service that provides identity management and access control capabilities. Replaces Azure Active Directory.
21,825 questions
{count} votes

1 answer

Sort by: Most helpful
  1. Akshay-MSFT 17,866 Reputation points Microsoft Employee
    2023-09-28T05:54:02.03+00:00

    @Pankaj Garg

    Thank you for posting your query on Microsoft Q&A, from above description I could understand that you have want to Disable files upload option for end users on Teams.

    Please do correct me if this is not the case by responding in the comments section.

    To achieve this you may try Turn off Teams Native File Upload policy.

    Since Microsoft Teams uses OneDrive and SharePoint to store and share content, but some organizations and users might prefer to use third-party storage providers.

    This option is used when an organization have follows third party for content storage, you need to turn off the NativeFileEntryPoints parameter in the Teams Files policy. This parameter is enabled by default, which shows the option to upload content from OneDrive or SharePoint to Teams chats or channels.

    Sample PowerShell policy cmdlet for entire tenant:

    Turn off native file upload point

    Set-CsTeamsFilesPolicy -Identity Global -NativeFileEntryPoints Disabled
    
    
    

    Turn on native file upload point

    Set-CsTeamsFilesPolicy -Identity Global -NativeFileEntryPoints Enabled
    

    Turn off NativeFileEntryPoints for specific users

    When a user is assigned the CsTeamsFilesPolicy with -Identity UserPolicy, their native file entry points will be turned off.

    New-CsTeamsFilesPolicy -Identity UserPolicy -NativeFileEntryPoints Disabled
    

    Assign a policy to user

    Grant-CsTeamsFilesPolicy  -identity "user email id" -PolicyName UserPolicy
    
    
    

    Update1

    Yes, we can stop user from logging onto teams via personal or other organizational accounts:

    For windows and MacOS devices follow How to restrict Teams sign-in on desktop devices, where policies can be applied via ADMX either using MDM (Intune) or GPO.

    For iOS and Android devices you must follow: How to restrict Microsoft Teams sign-in on mobile devices

    Thanks,

    Akshay Kaushik

    Please "Accept the answer" (Yes), and share your feedback if the suggestion answers you’re your query. This will help us and others in the community as well.


Your answer

Answers can be marked as Accepted Answers by the question author, which helps users to know the answer solved the author's problem.