This article explains how to setup Microsoft OneDrive categories to restrict what the user is allowed to do namely downloading, and uploading.
Note: Implementing this solution will only work on the web client, it will not work with OneDrive applications.
The following will outline the procedure of how to set up custom categories to block downloading or uploading files in OneDrive.
- Create a new custom category in Guardian > Policy objects > Categories, named for the service you are blocking, for example, OneDrive Uploads.
- Add the following to URL patterns block the service:
- To block downloads:
- To block uploads:
Tip: If required, you can add both URLs above to a single custom category to block all OneDrive services
- If one does not exist, create a new HTTPS inspection policy with the OneDrive custom category selected as the What, and Decrypt and inspect as the Action.
- Who Everyone*
- What Choose the custom category created in step 1
- Where Everywhere*
- When Always*
- Action Block
Make sure theEnable Policy option is selected.
*You should change these based on your organizational needs.