The modern security perimeter extends beyond an organization's network perimeter to include user and device identity. Organizations now use identity-driven signals as part of their access control decisions. Microsoft Entra Conditional Access brings signals together, to make decisions, and enforce organizational policies. Conditional Access is Microsoft's Zero Trust policy engine taking signals from various sources into account when enforcing policy decisions.
Conditional Access policies at their simplest are if-then statements; if a user wants to access a resource, then they must complete an action. For example: If a user wants to access an application or service like Microsoft 365, then they must perform multifactor authentication to gain access.
Conditional Access policies are enforced after first-factor authentication is completed. Conditional Access isn't intended to be an organization's first line of defense for scenarios like denial-of-service (DoS) attacks, but it can use signals from these events to determine access.
Conditional Access policies on the Policies page can be filtered by administrators based on items like the actor, target resource, condition, control applied, state, or date. This filtering ability allows administrators to find specific policies based on their configuration quickly.
When licenses required for Conditional Access expire, policies aren't automatically disabled or deleted. This grants customers the ability to migrate away from Conditional Access policies without a sudden change in their security posture. Remaining policies can be viewed and deleted, but no longer updated.
I appreciate that the planner currently does not allow for access management by using permissions. I can find conversations about this feature that dates yrs back. so I assume this is on the backlog, but not yet in the roadmap.
@eromerommc I also thought about lists - but too complicated (for me/us) to set up things like the automatic notification when a list item has been "assigned" to a user. I also haven't delved deeply enough into list permissions to fully understand them, but they do seem confusing in their own way. Also, all those benefits of linking Planner tasks with other tasks in To Do is a huge benefit which Lists also doesn't provide.
We kindly request that Microsoft enables Task Planner in private channels to enhance task management and promote secure teamwork. Let's work together for this improvement. #EnableTaskPlannerInPrivateChannels #MicrosoftTeams.
There is a way to provide and limit MS Planner access by linking it to a Microsoft 365 group. Create a Microsoft 365 group and add members to the group that you want to have access to the planner. It's recommended that Planner access by tied to an MS 365 group you make instead of tying access to a TEAMS channel. This is because it's easier to manage when you need to remove or add people.
I will be saving an MS Planner in our General Folder of our TEAMS channel hub-this makes my calendar sharable since it's not in a private channe sharable since it's not in a private channel However, I'll add the new blank calendar to an MS365 group, and this keeps members of the TEAMS General channel from accessing it.
Here's a link to the LinkedIn Learning 5 minute Video: Create an Outlook Group Plan (this shows how to grant access to a Planner based on Members in a group. This video is one of a series in a Linkedin Learning course called: Microsoft Planner Essential Training.
Somewhere in this Linkedin Learning training, there's a video called: "Assign Non-Members to a Task" that shows how to assign a person to a task who is not a member of the MS365 group, and how they will only be able to view that task, and no others within that plan! This is why associating a Planner Plan to a MS 365 group of members is exactly how to overcome this dilemma everyone is speaking to.
As far as creating tasks that not everyone in the Planner group can see, and you only want certain members within a Group to see a specific task, I bet there's a way if you have your plan tied to an MS 365 group where you can assign access to specifc members within that group-however, I'm unsure. If I find out, I'll respond again here.
As your digital footprint continues to expand with more identities, resources, apps, and endpoints to secure, identity and access must evolve. Attend Reimagine secure access with Microsoft Entra to hear about the latest identity and access innovations. Learn how establishing identity as your first line of defense can help you be more secure, resilient, and efficient in our connected world.
The organization I work for is wanting to move away from Microsoft Access databases where possible, and we have started exploring what tools our current Access databases could be moved to. Is there a standard for what works best (Powerapps, Sharepoint, etc)? What have you found to be a good resource for guidance on this topic? Thanks!
Okay, so you're asking a bunch of MS Access folks what options they recommend for abandoning Access? My first reaction is that nothing out there is a realistic alternative to Microsoft Access relational database applications at the moment.
In the "smart device" arena, i.e. apps that run on a phone or other device, PowerApps holds a lot of promise, and I know that Microsoft is pouring a lot of resources into it. Maybe look at that to support that kind of purpose. As far as desktop Relational Database Applications go, though, PA are a distant second as things stand today.
SharePoint is sort of like comparing a Swiss Army knife to a precision machine tool. Yeah, they both cut stuff, but if you want to create something useful, you kind of want to go with the tool that's designed specifically for creating something useful.
@George Hepworth yes I'm asking MS Access folks what options they recommend, because I'm being told that's the direction we're going. So who better to ask than people who know Access? The catch is that it has to be a Microsoft product, as our contract is with them. I appreciate your input. Have a great day.
If you are using the .MDB/.ACCDB file format as a repository to store company info (Usage 1 and Problem 2 & 3), then don't! Use SQL Server. The Access (aka: JET or ACE repository format) is not a up to par for corporate data. It does fine for small businesses, many small business can work just fine within the constraints of security and size that the JET/ACE format limits us too, but once your needs go beyond those limitations, or you just need a standard repository to use across your company, the JET/ACE (Access) format should be migrated away from. Again, SQL Server Express is a good first step. Then SQL Server, or Azure SQL will take you to all ends you wish to travel to!
If you are using an .MDB/.ACCDB file to LINK to data sources so you can see it or do ad hoc queries with it (Usage 2) ... Great! ... there really is no substitute for what MSAccess can do. There is not a need to migrate to some other tool to fill that purpose. Also, if the data is stored in SQL Server, and it is accessed using Windows authentication, then Problem 2 is a myth. If you are doing a lot of analytics/reporting on your data, PowerBI using a live connection may be a good choice (but its definitely not an ad hoc query tool - and wont eliminate Problem 1). If you DON'T use a live connection to your data, you are then storing all of that data in a PBIX file (thus NOT eliminating Problem 3), and your data will need to be updated in order to keep your reports "fresh". If you are hell bent on ditching Access for ad hoc queries and visibility of data - maybe SSMS, but that is a "higher level" tool to use and you really don't want to install SSMS on everybody's machine.
If you are using MSAccess to build UI's for Line of Business applications (Usage 3) that access data stored in non-MSAccess repositories (ie: SQL Server, Oracle, Azure). Then .. Visual Studio is a development platform you can use to build C#/VB applications to fill your need. But keep in mind, VS is a "higher level" tool that should not be on every workers machine -- in short, its typically an IT tool. With that, IT will likely not want to build (or have the time to build) every utility you can dream of to help your (or a small groups) day to day life, thus the need for Line of Business apps that Access can address quite well - even if the LOB app is created by IT.
- You may prevent Usage 1 and Problems 2 & 3. But, honestly, MSAccess *may not* be your issue with those two bullets. If you remove MSAccess, people can (and likely will) use Excel for Usage 1 and still nurture Problem 2 and Problem 3. Then what, are you going to eliminate Excel? You definitely need to address Usage 1 and Problems 2 & 3, but eliminating MSAccess is not have as much "punch" in doing that.
- Problems 1 or 3 go unsolved, and likely is placated into thinking problem 2 is fixed, but if you have access to the data ... you have access to the data whether you get to it through MSAccess, Excel, PowerBI.
This task you seek to perform of migrating away from MS Access may not yield what the people directing your work may want. Please know, that I am not saying you *shouldn't* do something, that is entirely up to the business you are serving, but in order to serve them well, ensure they are implementing the right project to address the needs MSAccess fills and the problems you are trying to solve.
The real answer is "how much money" is Access costing you and "how much money" you are willing to spend to get away...if someone just said "just leave Access is crap" ... let him/her show some alternatives...there are plenty but always there is a cost...
@tsgiannis you know, I came here for help and all I've gotten is different responses telling me I either am wrong for wanting to move away from Access, or people telling me I asked the question "wrong". I thought this was supposed to be a support and help community. I'll just take my questions elsewhere. Good day.
d3342ee215