Block unmanaged devices from malicious files uploaded or downloaded from our sanctioned apps
To block unmanaged devices from performing activities in sanctioned apps that are not allowed, you have to create a real time protection policy with specific constraints. Perform the following steps to achieve granular restrictions on unmanaged devices:
Navigate to Policies > Real-time protection > New Policy.
Select Threat Protection.
In Source section, add criteria as Access method = Reverse Proxy.
Select category as Cloudapp.
Select ‘Edit’ to include actions that should be a criterion in the policy.
Select appropriate threat profiles and action.
Set the action as Block for appropriate.
Create the policy.
Real-time Protection Policy details: