I'm working with a large enterprise client that's using office 365 we have an application that runs in azure that we need to prevent certain actions if they're not logged in from their company machine..
Principally we want to disable the 'Export as Excel' function when the user is not using their company managed laptop.
for example if I try to login to OUTLOOK from my home machine I get the image below, how can I achieve a similar for our application?
What you probably want is some sort of DRM (Digital Rights Management). Since disabling export won't prevent users from exporting document on the company laptop, then copy it to another PC.
Checkout Azure Information Protection.
Maybe you should publish your internal code at a webserver that is accessible in your corporate network only. This limits access to computers in your company network, but it's also possible to access with a guest computer.
Here is a second (not secure! but more lightweight) approach to detect whether the computer is in your company network (but maybe it's a guest machine):
window.computerIsInCorporateNetwork=true
This is not secure because everybody who knows the name of your variable can set it via browser console.
And a third approach is that you ...
This is not secure because everybody could manipulate the JavaScript directly in the browser.
I think you should apply a jumpserver if you are so care about company secrets.
You can confine user who can only make operation on jumpserver (limit the accessable ip address to the jumpserver ip) . Through a jumpserver, you can monitor all operation of an user, include screen recording , network access record, command history and so on.
There is an opensource jumnpserver , support features more than what I mentioned . But unfortunately, the document is written by Chinese . Or you may have an interest in payment service like azure-bastion .
If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!
Donate Us With