MC1139379 – Power Platform ? Data masking service updates (archived)

Product:

Office 365 general

Platform:

Online, World tenant

Status:

Change type:

Feature update

Links:

Details:

We are enhancing the Data masking service to allow administrators to view masked fields via the client and enable auditors to see who accessed and read sensitive fields with unmasked values. These updates will be rolled out globally from August 8, 2025, through September 5, 2025.

Change Category:
XXXXXXX ... free basic plan only

Scope:
XXXXXXX ... free basic plan only

Release Phase:

Created:
2025-08-22

updated:
2025-08-22

Task Type

XXXXXXX ... free basic plan only

Docu to Check

XXXXXXX ... free basic plan only

MS How does it affect me

XXXXXXX ... free basic plan only

MS Preperations

XXXXXXX ... free basic plan only

MS Urgency

XXXXXXX ... free basic plan only

MS workload name

XXXXXXX ... free basic plan only

summary for non-techies**

XXXXXXX ... free basic plan only

Direct effects for Operations**

Data Security Risks
If the change is implemented without proper preparation, unauthorized users may gain access to sensitive data due to misconfigured security profiles, leading to potential data breaches.
   - roles: System Administrators, Data Protection Officers
   - references: https://www.csoonline.com/article/3531230/the-importance-of-data-security-in-the-digital-age.html, https://www.ibm.com/security/data-breach

User Experience Disruption
Users may experience confusion or frustration if they are not informed about the new capability to view unmasked fields, leading to potential misuse or errors in data handling.
   - roles: End Users, Auditors
   - references: https://www.forbes.com/sites/bernardmarr/2020/01/20/the-importance-of-user-experience-in-software-development/?sh=4b1c1c4e1c1c, https://www.nngroup.com/articles/why-user-experience-matters/

Configutation Options**

XXXXXXX ... paid membership only

Data Protection**

XXXXXXX ... paid membership only

IT Security**

XXXXXXX ... paid membership only

explanation for non-techies**

Imagine you have a filing cabinet filled with sensitive documents. Previously, anyone who had access to the cabinet could only see the documents with certain information blacked out, like a permanent marker was used to hide sensitive details. This is similar to how data masking works in IT, where certain information is hidden to protect privacy.

Now, imagine that as the manager of this cabinet, you have been given a special key. This key allows you to see the full documents without any blacked-out sections, but only when necessary. This is what the new update to the Data Masking service in Power Platform allows. System administrators can now "unmask" or reveal the hidden information on the client form by clicking a button, much like using that special key.

Additionally, just like you would keep a log of who accessed the cabinet and what they looked at, the system now keeps a detailed record of who has viewed the unmasked information. This is important for auditing purposes, ensuring that only authorized individuals are accessing sensitive data. You can think of it as a security camera that records every time someone uses the special key to look at the full documents.

To ensure that only the right people have access to this special key, you need to set up a security profile. This is like creating a list of trusted individuals who are allowed to use the key, ensuring that sensitive information is only accessed by those who have been given explicit permission.

These updates will be implemented globally over a period from August 8, 2025, to September 5, 2025. If you need more detailed guidance on how to manage these changes, there is a resource available online that can help you create and manage these masking rules effectively.