Search

MC424416 – Information Protection: Apply granular conditional access policies to SharePoint Online sites via sensitivity labels (archived)

Information Protection

check before: 2022-09-16

Product:

Azure Active Directory, Entra, Entra ID, Information Protection, Information Protection - Office 365, Microsoft 365 Apps, Microsoft 365 suite, Microsoft Information Protection, Purview Communication Compliance, Purview Information Protection, Purview Insider Risk Management, SharePoint

Platform:

Online, US Instances, Web, World tenant

Status:

Launched

Change type:

New feature, Admin impact

Details:

With this update, administrators will be able to use Conditional Access policies and associated sensitivity labels to require additional user authentication for accessing sensitive SharePoint sites when the user's context does not meet the requirements of the site.
This message is associated with Microsoft 365 Roadmap IDs 82115, 82163, and 85979.
[When this will happen:]
Rollout will begin in late September and is expected to be complete by end of November.

Change Category:
XXXXXXX ...

Scope:
XXXXXXX ...

Release Phase:
General Availability, Targeted Release (Entire Organization)

Created:
2022-09-02

updated:
2022-09-02

the free basic plan is required to see all details. Sign up here


A cloudsocut.one plan is required to see all the changed details. If you are already a customer, choose login.
If you are new to cloudscout.one please choose a plan.


changes*

DatePropertyoldnew
2022-09-15MC prepareThis release has no impact on existing Conditional Access policies in Azure AD. Nor is there a change in how SharePoint Online sites use existing Conditional Access policies.
To benefit from this new feature:

Create Authentication Context in the Azure AD portal

Tag the Authentication Context name with a Conditional Access policy in the Azure AD portal
Choose the right Authentication Context name for a new sensitivity label in the compliance portal. Note: If you do not use labels that are applied to SharePoint sites, then you can directly apply the above authentication context to a given SharePoint Online site via PowerShell (download the latest SharePoint Online management shell).
After you have completed these steps, you will see the option within your Information Protection sensitivity label configuration flow:
[image placeholder]
Access the Information Protection solution in the Microsoft Purview compliance portal:

Microsoft Purview compliance portal for Worldwide and GCC cloud environments

Microsoft Purview compliance portal for GCC-High cloud environments

Microsoft Purview compliance portal for DoD cloud environments

Learn more: Manage site access based on sensitivity label - SharePoint in Microsoft 365 | Microsoft Docs
ps://compliance.apps.mil/
ps://compliance.microsoft.us/
ps://docs.microsoft.com/azure/active-directory/conditional-access/concept-conditional-access-cloud-app
ps://purview.microsoft.com/compl
ps://www.microsoft.com/microsoft-365/roadmap?filters=&searchterms=82115
ps://www.microsoft.com/microsoft-365/roadmap?filters=&searchterms=82163
ps://www.microsoft.com/microsoft-365/roadmap?filters=&searchterms=85979
This release has no impact on existing Conditional Access policies in Azure AD. Nor is there a change in how SharePoint Online sites use existing Conditional Access policies.
To benefit from this new feature:

Create Authentication Context in the Azure AD portal

Tag the Authentication Context name with a Conditional Access policy in the Azure AD portal
Choose the right Authentication Context name for a new sensitivity label in the compliance portal. Note: If you do not use labels that are applied to SharePoint sites, then you can directly apply the above authentication context to a given SharePoint Online site via PowerShell (download the latest SharePoint Online management shell).
After you have completed these steps, you will see the option within your Information Protection sensitivity label configuration flow:
[image placeholder]
Access the Information Protection solution in the Microsoft Purview compliance portal:

Microsoft Purview compliance portal for Worldwide and GCC cloud environments

Microsoft Purview compliance portal for GCC-High cloud environments

Microsoft Purview compliance portal for DoD cloud environments

Learn more: Manage site access based on sensitivity label - SharePoint in Microsoft 365 | Microsoft Docs
https://compliance.apps.mil/
https://compliance.microsoft.us/
https://docs.microsoft.com/azure/active-directory/conditional-access/concept-conditional-access-cloud-apps
https://purview.microsoft.com/compliance
https://www.microsoft.com/microsoft-365/roadmap?filters=&searchterms=82115
https://www.microsoft.com/microsoft-365/roadmap?filters=&searchterms=82163
https://www.microsoft.com/microsoft-365/roadmap?filters=&searchterms=85979

*starting April 2022

Last updated 3 months ago

Share to MS Teams

Login to your account

Welcome Back, We Missed You!