Forum Discussion
Understanding security and privacy of Delve and intelligent experiences in Office 365
I totally agree that once users are educated, their concerns with regard to what Delve surfaces gradually diminish. However, many companies don’t invest adequately upfront in training their users. Then all it takes is one senior manager to stumble across sensitive documents their co-workers are currently working on in Delve, and thereafter Office Graph will be disabled indefinitely.
From a customer perspective (in my experience) they would far rather mitigate risk when enabling Office Graph initially without having to make an all-or-nothing decision. In such scenarios, tweaking the HideFromDelve managed property in the search schema should be a very simple exercise - I say “should” because I haven’t personally tested it. Theoretically it “should” work 😊!
With this approach you could also implement the completely opposite intended behaviour to surface only “approved” content in Delve by adding the HideFromDelve site column to all document libraries where you "want" to surface content in Delve, with the default value for the HideFromDelve site column set to "False" instead of True.
Some granularity, I think, would be appreciated. HideFromDelve is good to have, but more central control, either by user or on a site/document library basis, might be helpful.
I get the impression that disabling Office Graph is discouraged really and that's probably why there aren't more options. It's like a deterrent with the all or nothing approach. Office 365 after all without Office 365 Graph is going to be rather backwards!
- Brian Edwards, Jul 26, 2017, Former Employee
I would say it's a catch-22, and the way it works now is likely necessary in order to deliver the next wave of auto classification for content in terms of Information Sensitivity from a Security and Compliance perspective. The Graph API is probably needed to do this. If content is automatically secured based on classification policies, this becomes irrelevant.
For example, a policy could dictate that documents that contain specific words or phrases cannot be shared to "Everyone". Other policies could be created to protect information in any site classified as HBI, etc.