Abstract: Technologies are provided for prevention of organizational data leakage across platforms based on device status. A device management service may include status information for a client device and/or a connection in a token provided to the client device and update the status in response to changes. An applicable data protection policy may be determined based on the detected status and optionally based on data being accessed. An instruction may be transmitted to a client application executed on the client device based on the applicable data protection policy thereby enforcing the data protection policy at the server. The instruction may cause a script executed at the client application to disable one or more user interface controls associated with functionality such as downloading, synchronizing, printing, etc. of the organizational data to prevent leakage of organizational data.

Abstract: Information technology use policies based on classification of groups, teams, and sites is provided. Example systems may enable information technology administrators to specify which policies may apply based on manual or automatic classification of groups, teams and sites. This may include the ability to specify associated membership, sharing, and access policies, data storage and sharing locations, retention policies for different types of content, and application of various information governance and protection options/requirements. Information technology administrators, who inherently understand the data and information management needs of organizations and members, may define a reasonable set of simplified classification options that information workers can use. Thus, information workers may no longer need to learn the details of data policies.

Abstract: Technologies are provided for prevention of organizational data leakage across platforms based on device status. A device management service may include status information for a client device and/or a connection in a token provided to the client device and update the status in response to changes. An applicable data protection policy may be determined based on the detected status and optionally based on data being accessed. An instruction may be transmitted to a client application executed on the client device based on the applicable data protection policy thereby enforcing the data protection policy at the server. The instruction may cause a script executed at the client application to disable one or more user interface controls associated with functionality such as downloading, synchronizing, printing, etc. of the organizational data to prevent leakage of organizational data.