Microsoft added new IT management controls to OneDrive for Business

Yesterday, Microsoft has added some new IT management controls to OneDrive for Business application.

Reuben Krippner, director of Product management for Office 365 has written in the blog that,

The OneDrive for Business team has been working to deliver the most commonly requested controls by IT admins. Today we’ll highlight new management options you have to protect and control the flow of your information using OneDrive for Business.

Limiting file sync to domain joined PCs

OneDrive for Business enables the users to sync their files to use them offline across their PCs. IT admins are requested Microsoft for the ability to block sync on unmanaged PCs. Now you can also enable the file sync to work only on the domain joined PCs, thereby blocking the file synchronization on your personally owned or unmanaged computers.

This new control will make use of the PowerShell to limit the file sync to the list of permitted domains and if your organization is using multiple domains, from them you can choose the individual domains from which you can allow the sync requests.

PowerShell cmdlet and the syntax you need to use is

SetEnable DomainGuids “786548DD-877B-4760-A749-6B1EFBC1190A; 877564FF-877B-4760-A749-6B1EFBC1190A”

Auditing all actions taken against OneDrive for business files

New auditing controls are rolling out to the Office 365 compliance center that let you to audit all the actions that are taken against the files that are stored in OneDrive. To monitor the activities such as PCs attempted to sync with the OneDrive and who viewed and shared the files, auditing controls offering the visibility.

Managing mobile devices connecting to OneDrive for Business data

As the users are increasing to move to OneDrive to store and access their files, e-mail based mobile device management policies which may not suffice to protect the data. Using MDM in Office 365, you can make sure that the devices connecting to your OneDrive for Business data are managed. After setting up the MDM policies, a device is needed to enroll in MDM for Office 365 when it connects to your data using OneDrive or Office mobile apps. This ensures that your device meets the security requirements that invokes PIN log-in and other chosen configurations on the device.

Setting storage quotas in OneDrive for Business

Though the limit of 1 TB of data in cloud is attractive for many people, but many organizations requested the ability to set the smaller quota limits. It could limit the amount of data stored, for the information protection reasons or simply to make sure what the people store in OneDrive can sync on their computer’s hard drive.

Prevent unintentional sharing to “Everyone” to “All Users” in OneDrive for Business

OneDrive for Business is designed in such a way that to ensure that only those with viewing or editing permissions can view or edit the file. Generally, organizations want the sharing with people to be specific and targeted action. Microsoft also introduced Share with everyone folder which means that the files placed in this folder will automatically grant users the permission and are easily discoverable through the Delve.

All these new controls were introduced based on your feedback and they offer more capabilities to protect the corporate information in OneDrive. In next few months, Microsoft will deliver a the complete range of new user experiences including the new sync client, new web client refresh and the offline file support for the mobile devices. Microsoft is also working on the new controls for the IT admins to manage the scope or the span of sharing outside organization as well as other controls that offer additional ways to secure the important business files.

You may also like...