Granular Access for Custom Attributes in Microsoft 365 Admin Center

🚨 The Signal: Microsoft 365 admin center now offers granular access policy controls for custom attributes in Organizational Data, allowing admins to release attributes to specific users/groups and manage sharing permissions for Workforce Insights delegates.

The Impact

Admins are affected by new controls that reduce the risk of sensitive organizational data exposure.

• Admins: Gain enhanced control over who can access custom organizational data attributes, reducing broad exposure.
• Security Teams: Benefit from a more conservative default approach to sensitive data management, improving governance.
• Leaders and Managers: Their ability to share non-public data with Workforce Insights delegates can now be configured, reducing unauthorized disclosure risk.

The Action

1. Identify existing custom attributes in Organizational Data.
2. Review current access policies for these attributes.
3. Configure granular access policies to release custom attributes only to specific users or groups.
4. Define sharing permissions for leaders and managers regarding non-public data with Workforce Insights delegates.

Domain: Purview · Impact: high · Workload: Microsoft Purview · Essential Eight: Restrict Administrative Privileges