Microsoft Viva: Glint - User Schema Enhancements - Custom Age and Tenure Derivations

🚨 The Signal: Viva Glint now allows custom age and tenure data derivations. This feature enables administrators to directly manage user schema without support, potentially exposing sensitive HR data if not properly secured.

The Impact

Viva Glint admins are affected, with a risk of sensitive HR data exposure if access controls are not rigorously applied.

• Glint Admins: Risk of over-privilege leading to sensitive data exposure.
• HR Teams: Potential for PII exposure if custom fields are not secured.
• Security Teams: New data fields require review for access and classification.

The Action

1. Review existing Viva Glint admin roles and permissions for least privilege.
2. Classify custom age and tenure derivations as sensitive PII within Purview.
3. Implement strict access controls for all custom user schema fields in Glint.
4. Audit access logs for Viva Glint schema changes and data exports regularly.

Domain: Purview · Impact: medium · Workload: Microsoft Purview