As organizations increasingly rely on Microsoft Dataverse to manage sensitive business data, the need for robust security controls has never been greater. In the latest wave of updates, Dataverse introduces key improvements to:
- Prevent data leaks and data exfiltration
- Fine-tune data visibility while maintaining performance and compliance.
🛡️ Step 1: Prevent data leaks with secured column masked fields
Dataverse now supports column-level security with masking, allowing organizations to restrict access to sensitive fields such as Social Security Numbers, account numbers, or government IDs. This feature ensures that unauthorized users see only masked values, both in forms and exported data.
Admins can define Secured Masking Rules using regular expressions to control what part of a field is visible. For example, you can show only the last four digits of an SSN. These rules apply to the server side, ensuring consistent enforcement across environments and export scenarios.
Additionally, audit logs remain available for masked columns, enabling security teams to monitor access and detect anomalies.
🚫 Step 2: Prevent Data Exfiltration by Controlling App Access
To combat unauthorized data exports, Dataverse introduces App Access Control, a feature that lets admins define which apps are allowed to run in an environment.
This control is enforced at the authentication layer, validating app IDs against an approved list. Whether users access Dataverse via Dynamics 365 Sales or a custom app, only permitted apps can interact with the environment. Admins can also run audit mode to identify commonly used apps before enforcing restrictions. Here is an example of preventing Excel desktop running in your environment:
This feature is especially valuable for regulated industries where data leakage risks must be tightly managed.
👥 Step 3: Role-Based View Management with Tailor Grid Views by Security Role
Dataverse now allows makers and admins to assign system views to specific security roles, ensuring users see only the views relevant to their role.
This enhancement brings parity with role-based form access and helps reduce clutter in the UI. Makers can configure view visibility directly in the Maker Portal, while end users can share personal views with their teams. This granular control improves usability and user productivity.
🧩 Step 4: Filtered Views Security for C2 System Users
Dataverse introduces a filtered view-based security model that enables row-level access control based on column values.
For example, a user may only access records where the “City” column equals “Redmond” or “Seattle.” This model is particularly useful for scenarios where traditional record ownership doesn’t apply, such as Power Pages C2 users.
Admins can define predicates and associate them with security roles, allowing CRUD operations only on records that match the filter criteria. This model is already in use by Dynamics 365 Finance and Operations and Power Pages and is expanding to other workloads.
💡 Get Started Today
Together, these features represent a significant leap forward in Dataverse’s security posture. They empower organizations to:
- Comply with data privacy regulations
- Prevent unauthorized data access and export
- Customize user experiences based on roles
- Secure sensitive data at the column and row level
Whether you’re a maker, admin, or security architect, these tools offer the flexibility and control needed to safeguard your data in today’s complex environments. Learn more:
