@NetanelBenShushan-0349
Thank you for your post!
Based off your requirements, you can try leveraging our current preview offering - Conditional Access policies for Azure Information Protection. With this feature, when a user opens a document that is protected by Azure Information Protection, administrators can now block or grant access to users in their tenant, based on the standard conditional access controls.
Additional Links:
FAQ - Azure Information Protection is listed as an available cloud app for conditional access—how does this work?
Multi-factor authentication (MFA) and Azure Information Protection
AIP and Azure Active Directory
If you have any other questions, please let me know.
Thank you for your time and patience throughout this issue.
----------
Please remember to "Accept Answer" if any answer/reply helped, so that others in the community facing similar issues can easily find the solution.