Forum Discussion

frank_df's avatar
frank_df
Copper Contributor
Feb 13, 2023

Can the access to Purview dashboard be denied to non-admin users?

Hello,

in my organization we noticed that when a user browses the security dashboard (security.microsoft.com), they can easily access critical information about compliance using the "more resources" tab, even if they have no directory role at all:

 

For example, they can access the Purview portal and see information they're not supposed to see about organization's compliance:

 

 

Can the "more resources" tab be hidden to the user?

Alternatively, can the access to the Purview dashboard be denied to non-admin users?

 

Thank you.

  • frank_df's avatar
    frank_df
    Copper Contributor

    I created a Conditional Access policy and selected all of the apps that seem to be related to the Compliance Center but it doesn't work:

     

    The policy is not applied because the application is "not matched":

     

     

    The only way I found to make it work is by creating an Access Policy in Microsoft Defender for Cloud Apps but unfortunately the solution is not feasible because it is not granularly configurable and the directory is huge and complex.
    We actually need a standard way to do that.

     

Resources