ASD's Blueprint for Secure Cloud

Access Control

This section describes the configuration of SharePoint associated with systems built according to guidance in ASD's Blueprint for Secure Cloud.

Estimated reading time: 1 minute

Unmanaged devices

Allow limited, web-only accessTrue

Idle session sign-out

Sign out inactive users automaticallyTrue
Sign out users after:1 hour
Give users this much notice before signing them out:5 minutes

Network location

Allow access only from specific IP address rangesFalse

Apps that don’t use modern authentication

Block accessTrue

OneDrive access restriction

Restrict OneDrive access to only users in specified security groupsFalse

Do you have a suggestion on how the above page could be improved? Get in touch! ASD's Blueprint for Secure Cloud is an open source project, and we would love to get your input. Submit an issue on our GitHub, or send us an email at

Acknowledgement of Country icon

Acknowledgement of Country
We acknowledge the Traditional Owners and Custodians of Country throughout Australia and their continuing connections to land, sea and communities. We pay our respects to them, their cultures and their Elders; past, present and emerging. We also recognise Australia's First Peoples' enduring contribution to Australia's national security.

Authorised by the Australian Government, Canberra