Netskope Global Technical Success (GTS)

Block Microsoft Apps Access: Personal Account - I

Netskope Cloud Version - 119

Objective

Microsoft Apps access via personal email ID should be blocked

Prerequisite

Netskope CASB Inline license is required

Context

The customer's requirement is to block access to all Microsoft apps when a user tries to access them using their personal email ID (for example, *@outlook.com, *@hotmail.com).This document will discuss how to achieve this.

Do You Know?

• The Microsoft suite includes a variety of applications. The domains responsible for user authentication (when an end-user attempts to log in via their personal account, such as *@outlook.com, *@hotmail.com) include account.live.com, login.live.com, profile.live.com, sc.imp.live.com, secure.shared.live.com, skypewebexperience.live.com, and windowslive.tt.omtrdc.net.
• Netskope recognizes these domains under a predefined cloud app called Microsoft Live Accounts
• As of March 22, 2024 with Netskope’s Microsoft Live Accounts predefined cloud app connector, customers can exercise control over the following activities:

Configuration

• Create a Real-time protection policy

Path - Netskope Tenant UI >>> Policies >>> Real-time Protection >>> New Policy

Verification

• Step 1 - Try to login Microsoft Outlook web version and you will get the below -

• Step 2 - Check policy hits

Terms and Conditions

• All documented information undergoes testing and verification to ensure accuracy.
• In the future, it is possible that the application's functionality may be altered by the vendor. If any such changes are brought to our attention, we will promptly update the documentation to reflect them.

Notes

• This article is authored by Netskope Global Technical Success (GTS).
• For any further inquiries related to this article, please contact Netskope GTS by submitting a support case with 'Case Type – How To Questions'.