(Updated) eSignature for Microsoft 365 - Recipient groups

🚨 The Signal: eSignature in Microsoft 365 now supports recipient groups, allowing multiple users to fulfill a single signing slot. This improves workflow reliability by preventing delays when a specific signer is unavailable, without altering existing tenant policies.

The Impact

Users creating eSignature requests are affected, with a low security risk related to ensuring the correct individual within a group signs.

• End users: New signing flexibility may lead to confusion over who is responsible for signing.
• Security teams: Review of audit logs may be needed to identify the specific signer within a group.
• Compliance teams: Verification of signature validity and intent within a group context requires attention.

The Action

1. Review existing digital signature policies to ensure they account for recipient groups.
2. Communicate to users the implications of recipient groups for signature accountability.
3. Verify audit logging captures the specific signer from a recipient group for non-repudiation.

Domain: SharePoint · Impact: medium · Workload: SharePoint