DLP. Not sure is this possible to have such control in user profile's OneDrive folders.
Manger wants total control over employee data
A Manager wants to have total control over 5 employee data.
The laptop is provided by the Company and any file created by the employee, the Manager should be able to see it. No files should be deleted by the employee even if the employee is the owner of the document it. Is there any solution from Microsoft using Intune , Conditional access or DLP ?
2 answers
Sort by: Most helpful
-
Pavel yannara Mirochnitchenko 11,716 Reputation points MVP
2024-03-23T11:51:13.31+00:00 -
Cathryn Symons 0 Reputation points
2024-03-24T13:15:42.7333333+00:00 I'm not sure that intune or conditional access are the tools for this. I would use Purview (ie DLP or Data Loss Prevention)
If you set a retention hold, files are retained for the retention period which can be indefinite. https://learn.microsoft.com/en-us/purview/create-retention-policies?tabs=other-retentionAnd give the manager access to all onedrives, tell staff not to delete files, and also give the manager access to the retention hold folders.