MC1184591 – Power Platform – Upcoming enforcement of tenant isolation (archived)

Product:

Power Platform

Platform:

Online, World tenant

Status:

Change type:

Links:

Details:

As part of our Secure Future Initiative (SFI), the tenant isolation feature will be enabled by default for all Power Platform tenants as the new default behavior. The enforcement is scheduled to begin in February 2026.

This feature applies only to Power Platform policies and is separate from guest access policies and Azure tenant restriction features.

Change Category:
XXXXXXX ... free basic plan only

Scope:
XXXXXXX ... free basic plan only

Release Phase:

Created:
2025-11-11

updated:
2025-11-11

Task Type

XXXXXXX ... free basic plan only

Docu to Check

XXXXXXX ... free basic plan only

MS How does it affect me

XXXXXXX ... free basic plan only

MS Preperations

XXXXXXX ... free basic plan only

MS Urgency

XXXXXXX ... free basic plan only

MS workload name

XXXXXXX ... free basic plan only

summary for non-techies**

XXXXXXX ... free basic plan only

Direct effects for Operations**

Loss of Inter-Tenant Connectivity
The enforcement of tenant isolation will block all connection attempts between different tenants, potentially disrupting workflows that rely on cross-tenant data sharing and collaboration.
   - roles: Power Platform Administrators, Business Analysts
   - references: https://aka.ms/13103

Increased Complexity in Data Management
With tenant isolation, managing data across multiple tenants will become more complex, requiring additional configurations and potentially leading to data silos.
   - roles: Data Engineers, IT Operations Managers
   - references: https://aka.ms/13103

User Experience Disruption
Users accustomed to seamless collaboration across tenants may experience frustration and reduced productivity due to the inability to connect with external tenants.
   - roles: End Users, Project Managers
   - references: https://aka.ms/13103

Impact on Third-Party Integrations
Third-party applications that rely on cross-tenant connections may fail to function properly, leading to potential service disruptions and user dissatisfaction.
   - roles: Integration Specialists, Application Developers
   - references: https://aka.ms/13103

Compliance and Security Risks
Organizations may face compliance challenges if tenant isolation leads to unintentional data segregation, impacting data governance policies.
   - roles: Compliance Officers, Security Analysts
   - references: https://aka.ms/13103

Configutation Options**

XXXXXXX ... paid membership only

Opportunities**

Enhanced Security and Compliance Training
With the enforcement of tenant isolation, there is an opportunity to enhance security training for employees to understand the implications of tenant isolation and the importance of data protection within their own tenant. This can improve overall compliance and reduce risks associated with data breaches.
   - next-steps: Develop a training program that focuses on tenant isolation policies, security best practices, and compliance requirements. Schedule regular training sessions and provide resources for employees.
   - roles: Compliance Officer, IT Security Manager, Training Coordinator
   - references: https://aka.ms/13103, https://www.microsoft.com/en-us/security/blog/2022/11/15/understanding-tenant-isolation-in-power-platform/

Improved User Experience through Internal Resource Sharing
As tenant isolation restricts connections between different tenants, organizations can leverage this opportunity to improve internal resource sharing by developing robust internal applications that utilize Power Platform features, enhancing collaboration without external dependencies.
   - next-steps: Identify key business processes that can benefit from internal applications. Allocate resources to develop and deploy these applications using Power Platform tools, ensuring they comply with the new isolation policies.
   - roles: Business Analyst, Power Platform Developer, IT Manager
   - references: https://docs.microsoft.com/en-us/power-platform/, https://www.microsoft.com/en-us/microsoft-365/blog/2021/02/04/introducing-power-platform-internal-apps/

Streamlined IT Administration Processes
The new tenant isolation policy can streamline IT administrative tasks by reducing the complexity of managing external connections and ensuring that internal policies are enforced consistently across the organization.
   - next-steps: Review current IT administrative processes to identify areas where tenant isolation can simplify management. Update documentation and policies to reflect the new isolation standards, and provide training to IT staff on the updated procedures.
   - roles: IT Administrator, IT Operations Manager, Policy Compliance Officer
   - references: https://techcommunity.microsoft.com/t5/power-apps-ideas/tenant-isolation-in-power-platform/idi-p/1910516, https://www.microsoft.com/en-us/security/blog/2022/11/15/understanding-tenant-isolation-in-power-platform/

Potentional Risks**

XXXXXXX ... paid membership only

IT Security**

XXXXXXX ... paid membership only

explanation for non-techies**

Imagine your office building has a new security system that controls who can enter and exit. This system is like the new tenant isolation feature being introduced in Power Platform. In the same way that the security system ensures only authorized people can come in or go out, tenant isolation will ensure that only authorized data connections can be made between different Power Platform tenants.

Think of each Power Platform tenant as a separate office within a large building. The tenant isolation feature will act like a security guard at each office door, preventing any unauthorized data traffic from entering or leaving. Just as you wouldn't want someone from another office wandering into yours without permission, tenant isolation prevents data from one tenant from connecting to another without explicit approval.

This change will not affect how you communicate within your own office. You can still freely interact with your colleagues, just as data can still flow within the same tenant. Similarly, if someone is a guest in your office, they can still enter and interact as usual. In Power Platform, guest user access remains unaffected, allowing those with permission to connect as needed.

There's no immediate action required on your part, much like you wouldn't need to change your daily routine with the new security system in place. However, if you want to customize how this security feature works for your office, you can refer to the documentation provided to learn more about configuring tenant isolation policies.