I have a challenge in my organization because the employees are all remote.
For MS Teams, our company works with employees 100% remotely.
They are using laptops delivered by our mycompany.com and they are Microsoft Entra ID E5. We need to avoid data exfiltration and minimize some risks that we are getting with employees remote.
- Control sign-in for Microsoft Teams
Is there any way to force Microsoft Teams to only sign in with his own account?
I.e: only allow UPN@mycompany.com from my laptop delivered to me by our company
If not possible by my single UPN, can we only allow the domain sign-in @**mycompany.com**
- This is important because if the user can sign in with his personal or other workplace account, he may be able to exfiltrate data to other SPO or OneDrive.
- This will block employees from using the laptops we provided to work in different companies at the same time.
2.Block access to meetings different from mycompany.com
For some of our agents, they should only be able to access meetings generated by mycompany.com, any other meeting with other host tenants should be blocked.
3.Accept invitations for meeting only for ITI.CA.
- For some users, they should only receive invitations from mycompany.com, if any other person from other tenants sends a meeting invite to this user, the invite should be blocked.