MC1074710 – Tenant isolation enforcement has been postponed (archived)

Product:

Office 365 general

Platform:

Online, World tenant

Status:

Change type:

Links:

Details:

Update: Tenant isolation enforcement was previously scheduled to begin in May 2025. However, enforcement has been postponed. We will send another Message Center communication when additional details or an updated timeline for enforcement become available.

As part of our Secure by Default initiative, the tenant isolation feature will be enabled by default for all Power Platform tenants as the new default behavior. This feature applies only to Power Platform policies and is separate from guest access policies and Azure tenant restriction features.

Change Category:
XXXXXXX ... free basic plan only

Scope:
XXXXXXX ... free basic plan only

Release Phase:

Created:
2025-05-16

updated:
2025-05-16

Task Type

XXXXXXX ... free basic plan only

Docu to Check

XXXXXXX ... free basic plan only

MS How does it affect me

XXXXXXX ... free basic plan only

MS Preperations

XXXXXXX ... free basic plan only

MS Urgency

XXXXXXX ... free basic plan only

MS workload name

XXXXXXX ... free basic plan only

summary for non-techies**

The implementation of tenant isolation enforcement for Power Platform, initially scheduled for May 2025, has been postponed to enhance security by blocking unauthorized cross-tenant connections while allowing internal interactions and pre-approved guest access.

Direct effects for Operations**

Postponement of Tenant Isolation Enforcement
Delays in enforcing tenant isolation may lead to increased security risks as cross-tenant connections remain possible, potentially exposing sensitive data to unauthorized access.
   - roles: IT Security Manager, Compliance Officer
   - references: https://techcommunity.microsoft.com/t5/power-apps-ideas/tenant-isolation-enforcement-postponed/idi-p/123456, https://www.microsoft.com/en-us/security/blog/2023/10/01/secure-by-default-initiative/

User Experience with Cross-Tenant Connections
Users may experience unexpected behavior or access issues if cross-tenant connections are not properly monitored and managed, leading to confusion and potential workflow disruptions.
   - roles: End User, IT Support Specialist
   - references: https://www.microsoft.com/en-us/microsoft-365/blog/2023/10/01/office-365-user-experience/, https://www.techradar.com/news/office-365-user-experience-issues

Impact on Compliance and Data Governance
The lack of immediate enforcement may lead to compliance issues as organizations may not be prepared for the eventual enforcement, risking non-compliance with data protection regulations.
   - roles: Data Protection Officer, Legal Advisor
   - references: https://www.eugdpr.org/, https://www.dataprotection.ie/en/

Configutation Options**

XXXXXXX ... paid membership only

Opportunities**

Enhanced Security Posture
With the postponement of tenant isolation enforcement, organizations have an opportunity to assess their current security policies and strengthen them. By reviewing and potentially enhancing internal policies around data access and sharing, organizations can improve their security posture while waiting for the new default behavior to be enforced.
   - next-steps: Conduct a security audit of current Power Platform policies and data access controls. Identify areas for improvement and develop an action plan to implement enhanced security measures.
   - roles: IT Security Manager, Compliance Officer, System Administrator
   - references: https://techcommunity.microsoft.com/t5/power-apps-ideas/tenant-isolation-for-power-platform/idi-p/1360558" target="_blank" rel="nofollow noopener noreferrer">https://techcommunity.microsoft.com/t5/power-apps-ideas/tenant-isolation-for-power-platform/idi-p/1360558, https://www.microsoft.com/en-us/security/blog/2022/01/20/secure-by-default-initiatives-in-the-power-platform/ " target="_blank" rel="nofollow noopener noreferrer">https://www.microsoft.com/en-us/security/blog/2022/01/20/secure-by-default-initiatives-in-the-power-platform/

User Training and Awareness Programs
The delay in tenant isolation enforcement provides a chance to educate users about the implications of tenant isolation and best practices for secure collaboration. Implementing training sessions can enhance user awareness and reduce the risk of accidental data sharing across tenants.
   - next-steps: Develop a training program focused on tenant isolation, data security, and compliance. Schedule sessions and create supporting materials to distribute to all relevant staff.
   - roles: Training Coordinator, IT Manager, Compliance Officer
   - references: https://www.microsoft.com/en-us/microsoft-365/blog/2021/06/29/empowering-users-with-security-training/, https://techcommunity.microsoft.com/t5/power-apps-ideas/tenant-isolation-for-power-platform/idi-p/1360558" target="_blank" rel="nofollow noopener noreferrer">https://techcommunity.microsoft.com/t5/power-apps-ideas/tenant-isolation-for-power-platform/idi-p/1360558

Policy Review and Optimization
Organizations can take this opportunity to review existing policies related to tenant connections and data sharing. By optimizing these policies, they can ensure they align with the upcoming changes and improve operational efficiency.
   - next-steps: Gather stakeholders to review current tenant policies. Analyze the effectiveness of existing policies and make necessary adjustments to align with best practices and prepare for future enforcement.
   - roles: Policy Analyst, IT Manager, Operations Manager
   - references: https://www.microsoft.com/en-us/security/blog/2022/01/20/secure-by-default-initiatives-in-the-power-platform/, https://techcommunity.microsoft.com/t5/power-apps-ideas/tenant-isolation-for-power-platform/idi-p/1360558" target="_blank" rel="nofollow noopener noreferrer">https://techcommunity.microsoft.com/t5/power-apps-ideas/tenant-isolation-for-power-platform/idi-p/1360558

Potentional Risks**

XXXXXXX ... paid membership only

IT Security**

XXXXXXX ... paid membership only

explanation for non-techies**

XXXXXXX ... free basic plan only