Empowering IT Admins with seamless feature access management
“It’s like playing a game of whack-a-mole. Every time a new feature or app is rolled out, I’m stuck fielding countless requests and figuring out who should have access to what. I need a better way to manage this chaos.”
— Raj, IT Admin at a Fortune 500 Company
When IT admins like Raj spoke, we listened. For too long, they were overwhelmed with the task of manually managing access to Microsoft Viva's growing suite of apps and features through PowerShell.
What should have been a streamlined process felt more like navigating a minefield. They needed a solution that could give them control—intuitive, efficient, and integrated within the Microsoft Admin Center (MAC).
Enter 'Feature Access Management', a game-changing project designed to simplify how IT admins govern access to Viva apps and features. The stakes were high: we had to create a tool that wasn’t just functional, but also intuitive and aligned with the workflows IT admins are already accustomed to. Our goal was ambitious: reduce admin effort by 50%, improve user satisfaction, and boost feature adoption rates. What started as a pain point for IT admins turned into a collaborative and cross-functional effort that delivered measurable results. Here’s how we did it.
Discovery: Unpacking the Problem
The journey began by digging deep into the day-to-day challenges faced by IT admins. Through a series of interviews, surveys, and direct feedback sessions, we learned that managing access to new apps and features across various teams and departments was a major headache. Admins like Raj felt trapped in an endless loop of approvals, repetitive tasks, and lack of visibility into who had access to what.
Some key insights became clear:
Inefficient Processes: Admins had to navigate through multiple layers of the Microsoft Admin Center to manage access, often leading to confusion and errors.
Lack of Clarity and Control: There was no clear view of who had access to which features, making it nearly impossible to track and audit permissions.
Time-Consuming Management: Managing access requests manually was not only tedious but also led to delays in feature adoption across organizations.
Also, there was a really important business need for this feature. Due to local privacy regulations and Works Council and business requirements, customers were blocked in being able to give some users access to an entire Viva app because of one or a few features users should not have access to. Without being able to disable just that one (or a few) features, customers were forced to restrict access to the entire app for the group of impacted users.
IT Admins could only rely on PowerShell to create simple policies. However, that did not cover the whole use case.
Define: Clarifying Our Vision
With these insights in hand, we set out to define a solution that addressed these pain points head-on. Our vision was clear: build a centralized and user-friendly access management tool within MAC that would empower IT admins to efficiently control feature and app permissions across their organizations. But first, where would it live?
The challenge was substantial. We needed to design a system that was not only robust but also flexible enough to cater to organizations of varying sizes, hierarchies, and complexities. Moreover, it had to align with Microsoft’s existing design language and seamlessly integrate within the Microsoft Admin Center.
Where would it live in MAC? Exploring different IA options
Deliver: Building and Collaborating to Create Impact
Building 'Feature Access Management' required close collaboration across several teams. Working with the MAC development team, we encountered several challenges:
Technical Constraints: Integrating seamlessly with existing infrastructure in MAC was no small feat. We had to ensure our tool did not add latency or complexity to the overall platform experience.
Data Security Concerns: Managing user access data securely was paramount. We worked closely with security teams to ensure that every aspect of the tool complied with Microsoft’s strict security and privacy standards.
Scalability Issues: We needed to design a system that could handle thousands of users and adapt to the unique needs of different organizations, from small businesses to large enterprises.
By adopting agile methodologies and maintaining constant communication between UX, engineering, and product teams, we managed to deliver a robust solution within the expected timeline.
Policy List View
The central part of the interface shows a list of all the policies created for managing access to different features in Microsoft Viva. Each row represents a policy.
Table Format for Clarity: A tabular format was chosen to present the policies, which makes it easy for IT admins to quickly scan and locate specific policies. This is particularly useful when managing a large number of policies.
Column Organization: The columns are logically arranged to display the most pertinent information first (Policy Name), followed by the associated application and feature. This helps admins quickly understand what each policy does and which app or feature it impacts.
Consistent Labeling and Status Indicators: The "Access setting" column uses simple, consistent labels like "Off" to show the current state of each policy.
Creating a policy
The "Create a policy" form appears on the right-hand side of the screen as a side panel, allowing IT admins to configure access settings for Viva apps and features.
Side Panel Design: The choice to use a side panel instead of a full-page overlay or a separate page helps maintain context. Users can still see the existing list of policies in the background while creating a new policy, reducing the cognitive load of switching between screens.
Clear and Guided Input Fields: Each input field is clearly labeled (e.g., "Policy name," "Apps and services," "Feature") and provides example text or placeholder text (like "For example: Copilot off for German offices") to guide users in entering the appropriate information. This design decision ensures clarity and reduces the chance of user errors.
Progressive Disclosure: The form uses progressive disclosure by only displaying the next set of relevant options after the user makes a selection in a previous field (e.g., "Select an app or service" before selecting a specific feature). This approach simplifies the process and makes it feel less overwhelming by revealing only the necessary information step-by-step.
Choosing who’s impacted
The "Access setting" field allows users to choose how access is configured. Below this, there are radio button options for applying access settings to "Everyone in your organization" or "Specific people and groups."
Design Decisions:
Use of Radio Buttons for Clarity: The decision to use radio buttons for selecting the scope of the policy ("Everyone in your organization" or "Specific people and groups") provides a simple, binary choice that is easy to understand. This reduces ambiguity and speeds up decision-making for the user.
Contextual Help and Tooltips: The small "i" icon next to the "Access setting" field offers a tooltip about the options available. This helps users understand the consequences of their selections without cluttering the form with excessive text.
Policy created & editing policy
A success message ("Policy created") is displayed on the right side panel, detailing the policy name, the app and feature it applies to, the access setting, the individuals or groups it targets, and the creation and modification dates. This confirms to the IT admin that their configuration has been successfully applied and provides a summary of the policy details.
When the user checks the checkbox next to a policy (e.g., "Sample Policy Name"), a contextual menu appears where ‘Add policy’ once stood, revealing options now to "Edit policy" or "Delete policy." This allows the admin to easily modify an existing policy's details or remove it entirely.
We decided to display the "Edit policy" and "Delete policy" options only after a checkbox is checked to create a clean and focused interface. This reduces visual clutter by keeping potentially distracting or less frequently used actions hidden until they are needed.
This design keeps the interface minimal and easy to scan, while still providing quick access to essential actions. It also prevents accidental edits or deletions by making these options available only when a policy is actively selected.
"Finding a specific policy without any filters feels like searching for a needle in a haystack. With so many policies to manage, I waste a lot of time scrolling through the entire list."
— IT Admin, Large Enterprise
Usability Test Result:
During usability testing, several IT admins struggled to quickly locate specific policies from the list. Without any filtering or sorting options, users reported frustration and confusion, often spending considerable time manually scanning the list to find the desired policy. This feedback indicated that the lack of filters significantly impacted efficiency and user satisfaction. Filtering was part of P2 but had to be moved up to P0 after these findings.
What we did:
After analyzing the usability test results, I introduced a filtering feature to the policy management interface. The new design added a filter and search functionality at the top of the policy list, allowing users to quickly narrow down policies by criteria such as policy name, app, feature, or user group. Additionally, sorting options were introduced to organize policies by creation date, last modified date, or access settings. These changes aimed to streamline the policy management process, reducing time spent on locating specific policies and enhancing overall user satisfaction.
Post-release follow-up usability tests outcomes:
Increased Task Efficiency: Usability tests confirmed that users could find and manage policies faster, especially after the implementation of more intuitive search and filter functions.
Higher User Satisfaction: Post-testing surveys showed a significant increase in user satisfaction, mainly due to the simplified navigation and the visual representation of policy details when compared to the PowerShell creation flow.
Lower Error Rates: The use of visual indicators for "Applies to" helped reduce errors in understanding which users or groups were affected by a policy. This was attributed to the clearer, more immediate representation of affected users/groups.
Feature Usage Metrics: There was a notable increase in the use of the "Filter" function, suggesting that users found this feature helpful once they understood its full capabilities.
"[…] managing policies meant spending hours writing PowerShell scripts, which was time-consuming and prone to errors. With the new interface, I can apply policies to individual users in just a few clicks. It's made releasing certain apps to certain people possible now."
— IT Admin, Mid-Sized Organization
What’s Next: Enhancing Policy Management with Categories
To further streamline the policy management experience, the next phase will focus on the introduction of Categories — a set of pre-created templates tailored for specific tasks. These templates will group together certain apps and features commonly needed for tasks like privacy management, data security, and employee engagement, allowing IT admins to quickly apply predefined policies with minimal customization.
By leveraging Categories, IT admins can save time and effort when creating individual policies for recurring tasks, such as implementing privacy-related settings across multiple departments or enforcing data protection standards organization-wide