Prevent data exfiltration with user level controls

Important

Some of the functionality described in this release plan has not been released. Delivery timelines may change and projected functionality may not be released (see Microsoft policy). Learn more: What's new and planned

Enabled for: Users by admins, makers, or analysts
Public preview: Jul 2024
General availability: Sep 2024

Business value

This feature protects against data exfiltration by securing application access to an environment with user-level controls. It provides granular control through security role assignment: an app can be run by users who have the approved security role assignment. This allows certain groups of users to run pre-authorized apps in the environment.

Feature details

By default, when this feature is activated, only approved Microsoft solution apps, such as Dynamics 365 Sales or Dynamics 365 Customer Service, can run in an environment. The local environment admin sets which apps can be run by their authorized users in the environment. Unauthorized apps are blocked when the user tries to access the environment. To help administrators select which apps to approve for their environment, an audit mode run can be enabled. In audit mode, all app accesses are audited, and the admin can download the audit log for review.

The administrator can set conditional access that determines which users can run which authorized apps. The administrator can allowlist an app for selected security role(s). Only users who have the selected security roles can run the app in the environment.
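The audit-then-approve workflow described above can be rehearsed offline before enforcement is switched on. The following is an added example, not Microsoft's code: it replays a constructed audit export against a draft allowlist and reports which accesses that draft would block. The CSV columns, the app and role names other than the two Dynamics 365 apps, and the "any one selected role is enough" rule are assumptions.

```python
import csv
import io
from collections import defaultdict

# Constructed sample of an audit-mode export; the column names are assumptions,
# not the product's real log schema.
AUDIT_CSV = """user,app,roles
alice@contoso.example,Dynamics 365 Sales,Salesperson
bob@contoso.example,Expense Tracker,Finance Clerk;Basic User
carol@contoso.example,Expense Tracker,Basic User
dave@contoso.example,Bulk Export Tool,System Customizer
"""

# Apps treated as approved Microsoft solution apps (names taken from the page).
MICROSOFT_APPROVED = {"Dynamics 365 Sales", "Dynamics 365 Customer Service"}

# Draft allowlist under review: app -> security roles allowed to run it (hypothetical).
DRAFT_ALLOWLIST = {"Expense Tracker": {"Finance Clerk"}}


def decide(app, user_roles, allowlist=DRAFT_ALLOWLIST):
    """Return (allowed, reason) for one app access under the draft policy."""
    if app in MICROSOFT_APPROVED:
        return True, "approved Microsoft app"
    if app not in allowlist:
        return False, "app not allowlisted"
    # Assumption: holding any one of the selected roles is sufficient.
    if user_roles & allowlist[app]:
        return True, "role authorized"
    return False, "no authorized role"


def review(audit_csv=AUDIT_CSV, allowlist=DRAFT_ALLOWLIST):
    """Replay audited accesses and group the ones the draft policy would block."""
    blocked = defaultdict(list)
    for row in csv.DictReader(io.StringIO(audit_csv)):
        roles = {r.strip() for r in row["roles"].split(";") if r.strip()}
        allowed, reason = decide(row["app"], roles, allowlist)
        if not allowed:
            blocked[reason].append((row["user"], row["app"]))
    return dict(blocked)


if __name__ == "__main__":
    for reason, hits in review().items():
        print(reason, hits)
```

Each blocked entry is either a legitimate user who needs a role assignment or an allowlist entry, or an app access worth investigating before the app is approved.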