Location Based Conditional Access for SharePoint Online and OneDrive for Business

I have been waiting for this capability to be released for some time now – Location Based Conditional Access.

SharePoint Online and OneDrive for Business has released a new solution that will allowing admins to control where data is synchronized to.  Specifically, you can create policy that can block synchronization of SharePoint Online and OneDrive for Business data based on IP address ranges. 

Why this is important?  For instance, there are many enterprise organizations that do not want their documents and files to be synchronized to non-managed devices or non-managed networks.  In many cases, administrators may only allow browser based access to documents when the user access documents from non-managed devices or non-managed networks.

Note if you have, Azure Active Directory Premium (AADP) configured, AADP will enforce its policy first and then the new SharePoint / OneDrive policy will be enforced.

Reference - https://techcommunity.microsoft.com/t5/SharePoint-Blog/Introducing-Conditional-Access-by-Network-Location-for/ba-p/39274