New privacy settings for Microsoft Graph

Via the Microsoft Graph, authorized persons such as the Global Administrator of a Microsoft 365 Tenant have full access to almost all information in this Tenant. The Microsoft Graph itself cannot be deactivated, only hidden and now restricted:

Microsoft Graph and the privacy settings

The new documentation explains in concrete terms what effects the configurations have and why they are now available. So you can limit the output of the Microsoft Graph. You can limit the information about users, documents and the information about the relationship between them. (itemInsights Element)

Configuration

Configure the settings for viewing the elements for users in an organization by adjusting the isEnabledInOrganization and disabledForGroup properties accordingly.

required role: Global Administrator (read and adjust)

Existing applications that use officeGraphInsights should be converted to itemInsights.

LINK

AVAILABLE CONFIGURATIONS
How item insights are enabled isEnabledInOrganization disabledForGroup
Entire organization (default) true empty
Disabled for a subset of users in the organization true ID of the Azure AD group which contains the subset of users
Disabled for the entire organization false ignored

 

 

 

 

 

 

 

By default, element recognition is enabled for an organization. To disable element recognition for all users in the organization, set the isEnabledInOrganization property to false.

To disable item detections for a subset of users in an Azure AD group, set the disabledForGroup property to the ID of this group.

These settings provide administrators with the flexibility to use Azure AD tools and disable item detections only for members of the specified group and not necessarily for the entire organization. Configure each of these properties by updating the item view settings in an application, PowerShell, or other application with the appropriate permissions.

Time to implementation: 8 hours

documentation

https://docs.microsoft.com/en-us/graph/insights-customize-item-insights-privacy?view=graph-rest-1.0

 

 

via

https://techcommunity.microsoft.com/t5/microsoft-search-blog/introducing-new-privacy-controls-with-the-microsoft-graph/ba-p/1557253

Beitrag erstellt 13

Schreibe einen Kommentar

Deine E-Mail-Adresse wird nicht veröffentlicht. Erforderliche Felder sind mit * markiert.

Verwandte Beiträge

Beginne damit, deinen Suchbegriff oben einzugeben und drücke Enter für die Suche. Drücke ESC, um abzubrechen.

Zurück nach oben