Like Office 365 Tenant Restriction (https://docs.microsoft.com/en-us/azure/active-directory/active-directory-tenant-restrictions)- Our company wants to make sure that our corporate employees are restricted to only gaining access to our Yammer Enterprise Environment.
After reviewing proxy logs and Office 365 Audit logs, there appears there are two methods we could employ to achieve this type of security requirement:
- Implement HTTPS packet inspection for all yammer.com traffic and only allow traffic that has the following value in the Header: Referer https://www.yammer.com/companyXYZ.com/ - all other referral domains would be blocked
- Implement HTTPS packet inspection for all yammer authentication for the URL https://www.yammer.com/oauth2/authorize?client_id=[:client_id]&response_type=code&redirect_uri=[:redirect_uri] – the client_id would have to equal COMPANY’s Yammer ID or the request would be blocked
As no one has posted a solution on how to enforce Yammer Domain Restrictions (or at least that I can find), does anyone have an opinion of the validity of this approach?
We use CISCO M1070 proxies (IronPort), and uses the web proxy to implement Office 365 Tenant restriction successfully.