How to block Microsoft 365 access on unmanaged devices

Sometimes when businesses allow people to work from home, they allow them to use their devices, this can be good for a while, but in the long run, businesses shouldn’t rely on staff to use their own devices. Once they start using company devices, the business should restrict access to Office 365 on the user’s devices.

Below, I have created a guide that will cover how you can remove access to any unmanaged devices on Microsoft 365. This guide will cover the method for Windows and Mac as it involves Office 365 and can be done on a browser. You can do this by following this method.

  1. Go to Office 365 using the link and sign in.
  2. Click on the “App launcher” in the top left corner.
  3. Choose “Admin.”
  4. Press the left-side menu and click “Show all.”
  5. Go to “SharePoint”
  6. Click the arrow next to “Policies,” then “Access Control.”
  7. Press “Unmanaged devices, then choose “block access.”
  8. Press “Save.”

Content ListThis guide will cover the following

What is SharePoint?

SharePoint is a system created by Microsoft that allows businesses to create databases and lists and compile, organise, and share data from users. Some organisations can use SharePoint as a way to create websites. Microsoft SharePoint is a cloud-based service that any business can use. It is available to anyone who is subscribed to Microsoft 365 and has the option to use just the SharePoint Online Service.

There have been multiple services called SharePoint; some of these include.

  • OneDrive Sync – This program your school or work can use on your desktop devices. This software allows users to synchronise their documents from one place to another, using them offline.
  • SharePoint Server – The SharePoint server can be used by businesses to utilise all the up to date features that are available and is available to subscribers of Office 365 Enterprise. SharePoint Server gives users more features; for example, users can access the current site pages, lists, and libraries. There is also the integration of other services, such as SharePoint Home page, PowerApps, MS Flow and Power BI.
  • Microsoft 365 SharePoint – This is the standard version of SharePoint. It is hosted by Microsoft and is made for any business and functions purely in the clouds. A business can use this to create sites that allow you to gather data and documents and share information with users and colleagues. Any subscriber to Microsoft 365 can access this feature, but you can use this service by just having the subscription to “SharePoint Online Service.”
  • SharePoint Designer 2013 – This version of SharePoint was created in 2013 and was supported until 2018. This program was released for free and allowed people to create web programs and customise SharePoint sites.

Why would you want to block unmanaged devices?

Many businesses have started to allow their staff to work from home, and the way they keep up with work is they use their computer or laptop. Businesses may decide to stop their employees from working on their own devices by removing their ability to access Microsoft 365. A business may want to block unmanaged devices because they aren’t on its database, specifically on the device list on Azure AD. Any device that isn’t on the device list could cause a security breach if a staff member uses it and misplace the device or leaves the business; it would be a security breach if they are still allowed to access SharePoint.

How do you block access to unmanaged accounts – with Screenshots

  • Once you have signed in, press the nine-dot icon known as the “App launcher.”
  • Then press “Admin” in the menu; this will take you to Microsoft 365 admin center.
  • Once here, press the small menu icon in the left corner and then click “Show all.”
  • Now, click “SharePoint” to go to the SharePoint admin center.
  • Here you can find “Access control” by clicking on the dropdown menu on “Policies.” This is where you will find the option to manage policies to restrict access to users and devices.
  • Go to “Unmanaged devices” here; you can choose “Block Access.” The website states you can choose to block access for only specific sites and has a link to another post.
  • Finally, press “Save” to put it in effect.

Once you press “Block access,” it will make it so that any personal device or device that is not company-owned or given permission will no longer give you login access to SharePoint and OneDrive, so staff will have to log in to the company SharePoint by using a company computer or laptop. This is better for overall company security as you can guarantee that information cannot be leaked through wrong device usage; however, businesses can still have breaches by other means.


It is good to block users’ unmanaged devices to avoid any privacy and security problems, so no corporate information from SharePoint can be lost by accident or on purpose after someone leaves a business. It is a simple process to follow by following the guide I have created above, using Microsoft Office 365, going to the SharePoint admin center, going to the policies section on the menu and then to the Access control part. This is where you can change the options for unmanaged devices.

I want to take the time to say thank you for reading through our guide; I hope it covered everything that you were looking for. If there are any other topics you are looking for, then check our website, as we have hundreds of tech guides that you may find helpful. You can leave feedback by contacting our staff and telling them what you thought and what could be improved.

Siddra Afzal

Siddra Afzal has been a researcher and content writer at Business Tech Planet since 2021. Siddra formerly wrote newsletters for the NHS and was a PR and Communications Officer. She now combines her passion for photography and video editing with her knowledge of communications, writing, and research to the art of crafting the perfect tech guides for BTP. You can connect with Siddra on LinkedIn.

Recent Posts