we found an issue in which many sites (like dropbox.com, mail.google.com) were allowed by the Office 365 bypass rule. If you're using this rule, or haven't updated it within the last couple of weeks, you may want to check to make sure your users don't have access to PNS sites because of this.
I modified the default ruleset to include an exceptions list. This way you can still have the simplified the view, but still prevent personal network storage from being bypassed.
The list is SmartMatch based, so you can add most any variation and it will recognize it.
For these lists, we're pulling them directly from Microsoft (Office 365 URLs and IP address ranges - Office 365) and sites like dropbox are considered important to O365's functionality, so this is why Microsoft includes them.
If you import the attached ruleset, it might complain about the version by you can ignore it because it uses properties available in all supported versions.