Security policy
Access Control Policy
1.0 (public summary)
MFA, role-based access, GDAP and PIM for client tenants, and joiner/mover/leaver procedures for Privion personnel.
Last updated
Access to Privion systems and client environments is granted on a least-privilege basis and reviewed periodically.
Administrative access
Multi-factor authentication is required for Privion accounts. Client tenant administration uses Microsoft's partner delegation models (including GDAP) rather than standing global administrator roles in customer directories where practicable.
Lifecycle
Joiner, mover, and leaver processes are intended to provision and revoke access promptly. Access reviews for client tenants are conducted on a recurring basis.
Partner access recovery
Privion maintains documented records of GDAP relationships, PIM role assignments, and partner access procedures to re-establish client tenant administration after disruption.
Recovery playbooks cover partner center unavailability, compromised administrative accounts, and client offboarding.
Procedures are reviewed at least annually; exercise and test evidence is available under NDA.
Full policy under NDA
This page is a public summary for procurement and security review. The complete policy, including operational procedures and evidence references, is available under NDA. Contact security@priviontech.com to request a copy.