In today’s hybrid workplace, managing secure access to cloud apps and data is critical. As a leading MSP in Canada, System Support Canada helps Toronto businesses strengthen cybersecurity through smart identity and access management solutions — including Microsoft Entra Conditional Access policies.
One of the most effective Conditional Access features is blocking access by location, which allows organizations to prevent logins from untrusted regions or unknown IPs. This simple yet powerful policy can dramatically reduce risks of unauthorized access and credential compromise.
What Is Conditional Access by Location?
Conditional Access in Microsoft Entra (formerly Azure Active Directory) lets administrators control how and where users can access company resources.
By defining “named locations” — specific countries, regions, or IP address ranges — you can limit or block access attempts that don’t match your organization’s security posture. This helps protect data, especially for teams using remote or hybrid setups across different networks.
Step-by-Step: How to Block Access by Location
Follow these steps to create a Conditional Access policy that blocks sign-ins from unapproved locations.
1. Define Locations
- Sign in to the Microsoft Entra admin center as a Conditional Access Administrator.
- Navigate to Protection → Conditional Access → Named locations.
- Select Create new location.
- Choose between:
- Countries location – choose allowed or blocked countries/regions.
- IP ranges location – define trusted IP ranges (e.g., your office network).
- Name your location clearly (for example, “Blocked – Outside Canada”).
- If using IP ranges, you can optionally mark them as trusted locations.
- Select Create to save the location.
2. Create a Conditional Access Policy
- Go to Protection → Conditional Access → Policies.
- Click New policy.
- Give your policy a clear name, such as “Block Non-Canadian Logins.”
- Under Assignments → Users, include All users, but exclude your emergency or break-glass accounts.
- Under Target resources → Cloud apps, choose All cloud apps.
- Under Conditions → Locations, set Configure = Yes and choose Selected locations.
- Select the blocked location you created earlier.
- Under Access controls → Grant, choose Block access.
- Set Enable policy to Report-only for testing, then switch it to On once verified.
This ensures you can monitor impact before enforcing the block across your organization.
Why It Matters: Security and Control
Blocking access by location strengthens your cybersecurity posture by:
- 🚫 Preventing unauthorized logins from high-risk or foreign IPs.
- 🧭 Maintaining compliance with data residency and industry regulations.
- 🕵️ Reducing phishing and brute-force attack surfaces.
- 🧩 Enhancing visibility of sign-in behavior across your organization.
With proper configuration, Conditional Access supports business continuity and helps IT teams proactively manage risks — instead of reacting after a breach.
How System Support Canada Can Help
Implementing Conditional Access is just one part of a robust cybersecurity strategy. As a trusted MSP in Canada with over 15 years of experience supporting more than 80 SMEs in Toronto, System Support Canada provides full-stack IT support in Toronto — including:
- 24/7 IT support and remote helpdesk services.
- Managed server and firewall maintenance.
- Backup services for both servers and Microsoft 365.
- Comprehensive cybersecurity and business continuity planning.
- Web design and SEO solutions to enhance your online presence.
- Trusted IT hardware from Apple, HP, Dell, Lenovo, and Ubiquiti.
Our mission is to deliver honest, transparent, and scalable IT solutions tailored to your business goals — ensuring stability, security, and growth.
Ready to Secure Your Microsoft Environment?
Protecting your data starts with professional configuration and proactive monitoring. Let our Toronto-based experts handle the setup, testing, and ongoing management of your Conditional Access policies — so your business stays secure around the clock.
👉 Request a free consultation or get a quote today at System Support Canada and discover how our 24/7 IT support can safeguard your operations while you focus on growth.
