Restrict personal Teams instances from corporate devices

%3CLINGO-SUB%20id%3D%22lingo-sub-1018661%22%20slang%3D%22en-US%22%3ERe%3A%20Restrict%20personal%20Teams%20instances%20from%20corporate%20devices%3C%2FLINGO-SUB%3E%3CLINGO-BODY%20id%3D%22lingo-body-1018661%22%20slang%3D%22en-US%22%3EYou%20can%20use%20conditional%20access%20to%20secure%20your%20Teams%20usage%2C%20but%20afaik%20there%E2%80%99s%20no%20way%20to%20restrict%20users%20to%20have%20guests%20accounts%20in%20other%20tenants%3C%2FLINGO-BODY%3E%3CLINGO-SUB%20id%3D%22lingo-sub-1018763%22%20slang%3D%22en-US%22%3ERE%3A%20Restrict%20personal%20Teams%20instances%20from%20corporate%20devices%3C%2FLINGO-SUB%3E%3CLINGO-BODY%20id%3D%22lingo-body-1018763%22%20slang%3D%22en-US%22%3E%3CP%3EThanks%20Adam%2C%20yup%20we%20do%20that%20four%20our%20own%20Tenant.%20I%20am%20looking%20for%20ways%20(Outside%20of%20O365)%20to%20restrict%20access%20to%20other%20instances%20via%20a%20CASB%20and%20not%20finding%20much.%3C%2FP%3E%3CP%3E%26nbsp%3B%3C%2FP%3E%3CP%3EIn%20Netskope%20CASB%20for%20example%20you%20can%20whitelist%20your%20corporate%20cloud%20app%20instance%20if%20you%20have%20unique%20URL%20like%20companyname.teams.microsoft.com%20but%20Teams%20uses%20generic%20URL(teams.microsoft.com).%20When%20analyzing%20the%20https%20traffic%20I%20do%20see%20teams.microsoft.com%2Fxx%2Forgid%3Dyourorgid%20but%20not%20all%20traffic%20uses%20that%20URL%20pattern.%3C%2FP%3E%3C%2FLINGO-BODY%3E%3CLINGO-SUB%20id%3D%22lingo-sub-1018588%22%20slang%3D%22en-US%22%3ERestrict%20personal%20Teams%20instances%20from%20corporate%20devices%3C%2FLINGO-SUB%3E%3CLINGO-BODY%20id%3D%22lingo-body-1018588%22%20slang%3D%22en-US%22%3E%3CP%3EHow%20are%20others%20restricting%20access%20to%20non-corporate%20Teams%20instances%20from%20corporate%20owned%20devices%3F%3C%2FP%3E%3CP%3EAre%20you%20using%20CASB%2C%20DLP%20or%20other%20solutions%3F%3C%2FP%3E%3CP%3E%26nbsp%3B%3C%2FP%3E%3CP%3EWe%20want%20to%20allow%20access%20to%20only%20the%20enterprise%20Teams%20instance%20and%20not%20personal.%3C%2FP%3E%3CP%3E%26nbsp%3B%3C%2FP%3E%3CP%3EHusein.%3C%2FP%3E%3C%2FLINGO-BODY%3E%3CLINGO-LABS%20id%3D%22lingo-labs-1018588%22%20slang%3D%22en-US%22%3E%3CLINGO-LABEL%3Eteams%20casb%20dlp%3C%2FLINGO-LABEL%3E%3C%2FLINGO-LABS%3E
New Contributor

How are others restricting access to non-corporate Teams instances from corporate owned devices?

Are you using CASB, DLP or other solutions?

 

We want to allow access to only the enterprise Teams instance and not personal.

 

Husein.

2 Replies
You can use conditional access to secure your Teams usage, but afaik there’s no way to restrict users to have guests accounts in other tenants

Thanks Adam, yup we do that four our own Tenant. I am looking for ways (Outside of O365) to restrict access to other instances via a CASB and not finding much.

 

In Netskope CASB for example you can whitelist your corporate cloud app instance if you have unique URL like companyname.teams.microsoft.com but Teams uses generic URL(teams.microsoft.com). When analyzing the https traffic I do see teams.microsoft.com/xx/orgid=yourorgid but not all traffic uses that URL pattern.

www.000webhost.com