Microsoft 365: Microsoft Places - Enhanced desk booking capabilities

🚨 The Signal: Microsoft Places now allows flexible desk booking, including partial days, multi-day, and delegate bookings. This introduces new identity and access management considerations for physical space resources.

The Impact

Admins and security teams are affected by new access delegation capabilities, creating a risk of unauthorized physical resource access if not properly managed.

• Admins: Must review and configure delegate access policies for desk booking to prevent unauthorized access.
• Security Teams: Need to ensure identity governance principles extend to physical resource booking to mitigate misuse.
• End Users: May experience issues if delegate access is not correctly configured, leading to booking failures.
• Compliance Teams: Must verify that physical resource access aligns with existing access control policies and audit requirements.

The Action

1. Review Microsoft Places documentation for delegate booking configuration and best practices.
2. Define and implement clear policies for who can delegate desk bookings and for whom.
3. Utilize Microsoft Entra ID groups to manage delegate permissions for Microsoft Places resources.
4. Regularly audit delegate assignments and booking logs within Microsoft Places for anomalies.
5. Communicate new booking procedures and delegate capabilities to relevant user groups.

Domain: Entra · Impact: medium · Workload: Other