Location Based Access Control
Many of our largest customers, typically in the banking and financial industries, are governed by strict standards. Their employees have access to very sensitive data and can only access that data within the boundaries of a single country. Admins currently restrict access to sensitive data based on IP address. However, IP address is less accurate and less reliable than GPS data. Thus, admins need the ability to restrict access based off of GPS data.
Now, admins will have the ability to create Conditional Access policies to allow/deny access using a new type of Named Location based off GPS data. When the policy is enabled, end users will need to share their GPS location from the mobile device on which Microsoft Authenticator is installed. The user’s mobile device is a good indication of the user’s actual location at the time.
This message is associated with Microsoft 365 Roadmap ID 72238
When this will happen
We will be making this feature available via preview starting in early May and completing by mid-May.
How this will affect your organization
No action is required if you do not intend to enforce policy based off GPS. However, if you would like to use this new feature, more information can be found here: Quickstart: Configure named locations in Azure Active Directory
What you need to do to prepare
Review the documentation and determine if the preview experience is appropriate for your organization.
Message ID: MC252197