none
Office 365 & Preventing Users from Giving Third Parties Access to their Data RRS feed

  • Question

  • Office 365, by default, allows users to use third party apps/websites that can gain access to that user's O365 data, whether it be mailbox, onenote, sharepoint, etc.  An example is evercontact.com. You sign up, it asks for permissions to your mailbox, then it reads in all your contacts. It also can read all your mail.

    As a security admin, I want to prevent this. Can this be done and if so, how?

    In O365 Admin portal, Settings>Services & Add-ins>Integrated Apps was turned to OFF three days ago. It's description seems to fit what I need. 

    When Integrated Apps is turned on, users in your organization can allow third-party apps to access their Office 365 information.
    Let people in your organization decide whether third-party apps can access their Office 365 information

    However, it does not prevent the evercontact example I used above. I have no idea what it might actually do but I cannot see a difference in anything since enabling.

    This is quite a serious security matter that I cannot believe has not been addressed but Microsoft support is of no help, referring me to "train" my users. For a taste of why this is a security risk, see https://blog.knowbe4.com/heads-up-new-ransomware-strain-encrypts-cloud-email-real-time-video.

    Tuesday, January 23, 2018 6:00 PM