Steps to Set Up Conditional Access in Office 365

Read time: 5 minutes

Conditional access in Office 365, managed through Azure Active Directory Conditional Access policies, empowers you to regulate access to your organization’s data and applications. Create multiple policies tailored to users and groups, such as permitting access from specific IP ranges or Intune-managed devices. Additionally, control resource access based on location, device type, and authentication method. This article provides a guide on configuring Office 365 conditional access and utilizing various access restrictions. Let’s begin!

What is Conditional Access in Office 365?

Conditional Access within Office 365 enhances data security by thwarting unauthorized entry. Whenever a resource, like an email account, is accessed, Conditional Access scrutinizes user permissions. If access is unauthorized, the user is promptly denied entry.

This ensures that solely authorized users can access sensitive data, effectively averting data breaches. Besides warding off unauthorized access, Conditional Access can also enforce additional security measures, such as mandating two-factor authentication. By Configuring Conditional Access, you can help to keep your organization’s data safe and secure in Office 365.

Now that we understand the versatility of using conditional access in Office 365, the possibilities are virtually limitless. Therefore, we will guide you through the fundamental steps, offering a comprehensive walkthrough.

Conditional access is a fantastic method for safeguarding data while allowing users the necessary flexibility. To get started, users should create a policy and configure the necessary conditions. Finally, they should grant access to groups and users to finalize the setup of Conditional Access in Office 365. Follow each step below for a seamless process.

1. First, you will need to create a policy. You can do this by going to the Azure portal. Follow these steps:
   • Log in to the Azure portal (https://portal.azure.com/) using your Global Administrator account.
   • Go to Azure Active Directory and go to the tab Security.
   • Next, you need to tap on Conditional Access and choose the option New Policy.
2. Once you have created your policy, you will need to apply it to your Office 365 Groups or users.
   • Enter a suitable name for the policy and click Next.
   • Under the Assignments page, select Users and Groups, and here you need to provide access to the users and groups you wish to add. Tap on Done.

   Note: You can also specify exceptions separately in the Users and Groups section. Select Grant access and click Done>Next until you reach the Assignments page.

3. Now, you can choose the Cloud apps and actions to provide conditional security to apps.
   • From the Assignments page, choose the option Cloud apps or actions.
   • Choose the Office 365 apps, and you can use this Conditional Access policy to protect Office 365 apps and other services.
   • Tap on Done.
4. Here comes the time to provide conditional access to different platforms.
   • Under the Assignments page, click on Conditions.
   • Select the platforms to which you want to apply this Conditional Access policy by clicking on Device Platforms.
   • Tap on Done.

   Using Microsoft Azure, third-party MDM solutions can manage Windows10 devices and restrict access to all other types of devices.

5. We are now on to the last step to grant access to enable the policy.
   • Within the Access controls option, select Grant.
   • You can now configure the action that will be taken when the conditions are met. Ensure the device must be marked as compliant by selecting Grant access.
   • Within the Enable policy tab, choose On, and tap on Create.

   That’s it! You have now set up conditional access in Office 365. You can now use this policy to control access to your O365 services for different users or user groups as required.

To remove the Conditional Access policy from all devices, it must be disabled in the Azure portal. Here are the steps to follow:

1. Access Azure Portal using your credentials, click Azure Active Directory and tap on Security.
2. Under the Security tab, click on Conditional Access.
3. You can now select the Azure policy that you wish to remove.
4. On the Enable policy page, select the Off option and click Save.

This action will entirely remove the Conditional Access policy, granting access to all previously selected users and groups covered by the policy. Now, while you have your Conditional Access in Office 365 all set, consider enhancing your security with Office 365 Backup. We offer a comprehensive solution for all your backup requirements: Kernel Export Office 365 to PST.

The software is designed to back up emails, contacts, calendars, and all other items of user mailboxes stored in Office 365. It offers a number of features that makes it an ideal choice for backing up data from Office 365. Some of the key features are:

• Allows users to select single or multiple mailboxes for backup.
• Allows users to filter backup by date range, item type, and source.
• Generates a report of the backup process that contains the number of items backed up, the time taken, etc.
• Support incremental and full backups.
• Has an option to export emails to PST, EML, MSG, and MBOX file format.
• Compatible with all versions of Microsoft Outlook and Exchange Server.

Last Say

Conditional access is a paramount feature for safeguarding your Office 365 data. It empowers you to establish rules dictating user access to Office 365 resources, factoring in location, device type, and sign-in method. Furthermore, it facilitates the enforcement of Multi-Factor Authentication for specific users or groups. If you haven’t already embraced conditional access in Office 365, we strongly recommend you start leveraging its capabilities today.

Additionally, to fortify your data security and address potential issues, consider adopting our backup solution. Contact us today to discover how we can assist in safeguarding your Office 365 investment.