Microsoft 365 milestone: U of T allows app integration

M365 logo
Posted on by Katie Babcock

February 23, 2021

Katie Babcock

Microsoft 365 Announcements, News

U of T’s Enterprise Applications & Solutions Integration (EASI) is pleased to announce that a new process will allow controlled application integration with Microsoft 365 (M365).

Previously, any apps that accessed M365 data and MS Office add-ins were disabled due to security concerns. Now, EASI, in partnership with Information Security, has created a solution that will allow some apps that are business critical or broadly used at the departmental level to integrate with M365. The goal is to improve the user experience and allow users to realize more potential from M365.

Apps that are deemed very low risk, meaning they don’t access any M365 data, are now available for use. These include Microsoft Tech Community, Microsoft Events, Miro, Flipgrid and many others. Other apps that have been enabled include email clients like Thunderbird, Gmail and Samsung email. To see the current list of approved and pending applications, please visit the Admin Managed Apps page.

Apps that are higher risk or require individual licenses will be limited to certain users and will be managed at a departmental level. These include apps like 12twenty, myViewBoard, and DocuSign.

Once a new app is requested, it needs to be approved by divisional IT administrators, and then it heads to the Application Review Committee for evaluation. An additional risk assessment is performed and then implementation begins. New requests should be submitted through M365 App Request form.

The team faced many challenges when trying to implement this solution. They tried four different methods of controlling application access before creating a solution that balances users’ needs along with access and security. The winning combination uses Azure Active Directory, a cloud-based identity and access management service, including custom app consent policies and application user assignment groups.

The team is currently working to clear up the backlog of requests, and in the future will work on approved requests.

For more information, go to the EASI website. Admin Managed Apps | EASI (utoronto.ca)