Forum Discussion
Solved
New App Launcher and privacy
THe new app launcher looks great, but has anyone thought about the following scenario.
You are presenting to an audience or working with a group of people or IT tech support. You go into office 365 and access the launcher.
Document titles that maybe private or highly confidential maybe unintentionally exposed. I doubt there is anyway to block that other than to advise people to make obscure titles to these types of documents....
For a presentation open you apps ahead of time and hope nothing crashes.
Thoughts?
Thanks all for the feedback and discussion. If there are documents that you do not want to show in your recent documents section in the new Office 365 app launcher, you can go to www.office.com and use the "remove from list" action on a document that is in your Recent online documents, and it will also remove the document from the app launcher document section, as the services are integrated.
We also released a blog article today that includes a more in-depth video on the new experiences of www.office.com and the Office 365 app launcher that you may be interested in:
I'm familiar with confidential content, but not confidential file names. Can you give me some real world examples of when this would be an actual security or compliance violation?
- Next round or redundancies January 2018.xlsx
or Investigation into xxxxxxxx for misconduct.docx
Merger with Company YYYYYYY.docx
People do that.. - Currently I am running a job search and there are internal candidates which is considered confidential information. Their application materials include last name and first initial in the file names.
So when I did a class on Office 365 last week did I use my own account? No I did not.- Katie Kivett
Microsoft
Did the ability to remove these documents, with confidential information in the file name, from your MRU in Office.com not workaround the issue for you?
Interesting point. Just to be clear, it's the changes as mentioned in this discussion. I could see that scenario you mentioned happening but if planning ahead, either use a dedicated test account that won't reveal anything unintentional or do a quick check beforehand. Even so, it will probably catch someone out sooner or later, if in a rush.
It's like having Delve built-in to the app launcher?
Additional license costs and complexity just to avoid something like that. I'm not sure that will go down well with smaller organisations.
Still it will take for a major blunder for someone to reconsider this.
It is convenience over security, which should be balanced.
Good point and I do agree. Basically, what we are saying is that Documents area in the new App launcher should be configurable and users can opt out of it if they have any need to do so (or have a presenter mode or something)?
This is certainly a benefit of Microsoft announcing changes well in advance, with a video no less, we can collectively get our feedback in early and see if things can be changed. On the support article, they are asking for feedback via the Was this information helpful? option. This is what I submitted (there is limited space allowed, so couldn't put too much):
"Great to have info in advance, allows us to prepare for changes. How about making the Documents area configurable? Scenario is the user is giving presentation/webinar and unbeknown to them, they reveal information simply be showing the app launcher."
- I've gotten so paranoid about using a test account when teaching seminars. Almost any page can reveal file names and other information. Let alone Delve!
But not every user has access to test accounts of course.- By the way, if your landing page is the Office 365 Home Page or even Delve, you can also potentially show confidential documents there
