Serious security issue with Sharepoint when setting access for work or school in Windows 10

JanSp 156 Reputation points
2020-05-21T14:10:50.123+00:00

We have a Office 365 E1 license. Our users use unmanaged/untrusted Windows 10 personal devices. We configured MFA for authentication and 30 minutes session timeout. In Windows Settings Access work or school, a user can enrol his device. The user is asked to do that after he choose to open a document with desktop App (Word). Afterwards when these users type in the url companyname.sharepoint.com he no longer is asked to authenticate with MFA and session timeout does not work. When the setting in Windows 10 is removed he again is asked to signin with MFA and session timeout works.

What is wrong in our server setting that this serious security problem arise?
Please help.

Microsoft Entra ID
Microsoft Entra ID
A Microsoft Entra identity service that provides identity management and access control capabilities. Replaces Azure Active Directory.
20,592 questions
0 comments No comments
{count} votes

1 answer

Sort by: Most helpful
  1. Leon Laude 85,721 Reputation points
    2020-05-27T08:00:02.22+00:00

    Hi,

    Q&A currently supports the products listed over here https://learn.microsoft.com/en-us/answers/products (more to be added later on).

    You can reach the experts in the dedicated SharePoint forum over here:
    https://social.technet.microsoft.com/Forums/en-US/home?category=sharepoint

    If you're using SharePoint Online:
    https://social.technet.microsoft.com/Forums/en-US/home?forum=onlineservicessharepoint

    (Please don't forget to accept helpful replies as answer)

    Best regards,
    Leon

    0 comments No comments