question

ScottChris-7447 avatar image
1 Vote"
ScottChris-7447 asked azure-cxp-api edited

Tenant restrictions and Securemail Access

Hi everyone,

I have a scenario where Contoso1 has locked down access to any other tenant so that authentication cannot take place unless that specific tenant ID is whitelisted.

We have another tenant, Contoso2, that wants to send secured email from Outlook to specific Contoso1 mailboxes, but as Contoso1 has not whitelisted the tenant ID, target mailboxes cannot authenticate to view the email.

Now, the issue is that the C-Level people at Contoso1 do NOT want to whitelist the whole tenant ID for Contoso2 for fear that a user account will be created on both ends and data will be exfiltrated, but we still need to view and authenticate the emails being sent.

Is there a method available where you can granulate what resources are accessed on Contoso2 FROM Contoso1 OR a method to fully audit what a user account does on any other tenant that is not part of the whitelist and have alerting built up around that auditing?

azure-ad-tenant
· 2
5 |1600 characters needed characters left characters exceeded

Up to 10 attachments (including images) can be used with a maximum of 3.0 MiB each and 30.0 MiB total.

Hi, we are investigating your issue and will update you shortly.

Best,
James

1 Vote 1 ·

Thanks for the update, James.

If prevention isn't possible then having the ability to at least audit this would be good too.

0 Votes 0 ·

0 Answers