Location Based Access Control

Many of our largest customers, typically in the banking and financial industries, are governed by strict standards. Their employees have access to very sensitive data and can only access that data within the boundaries of a single country. Admins currently restrict access to sensitive data based on IP address. However, IP address is less accurate and less reliable than GPS data. Thus, admins need the ability to restrict access based off of GPS data.

Now, admins will have the ability to create Conditional Access policies to allow/deny access using a new type of Named Location based off GPS data. When the policy is enabled, end users will need to share their GPS location from the mobile device on which Microsoft Authenticator is installed. The user’s mobile device is a good indication of the user’s actual location at the time.

This message is associated with Microsoft 365 Roadmap ID 72238

When this will happen

We will be making this feature available via preview starting in early May and completing by mid-May.

How this will affect your organization

No action is required if you do not intend to enforce policy based off GPS. However, if you would like to use this new feature, more information can be found here: Quickstart: Configure named locations in Azure Active Directory

What you need to do to prepare

Review the documentation and determine if the preview experience is appropriate for your organization.

Message ID: MC252197


No comments yet

Leave a Reply


I've been working with Microsoft Technologies over the last ten years, mainly focused on creating collaboration and productivity solutions that drive the adoption of Microsoft Modern Workplace.