currently we are working on securing edge on iOS devices that have access to files on corporate OneDrive = you may via Edge access any corporate document and steal it via every common email or sharing service.
We have worked out only three solutions none ideal:
- Set Receive data from other apps to NONE > Outcome you will not be able to send the attachment away, but as well you will not open any weblink from any other corporate apps.
- Set Allow list > You need to specify what resources are available
- Set Block list > You will never be able to specify 100% sharing webs
MS is hiding behind this statement:
Although Edge is in “corporate” context, users can intentionally move OneDrive “corporate” context files to an unknown personal cloud storage location. To avoid this, see Manage restricted web sites and configure the allowed/blocked site list for Edge.