Security and Data Governance

Use this page for security review, tenant approval, and workspace governance planning.

Orbit’s default rule is simple: workspace files live in the customer’s Microsoft 365 tenant. Orbit provides the wiki, collaboration, sharing, AI client, and admin experience around those files.

  • Team workspaces use SharePoint. My Workspace uses OneDrive.
  • Microsoft 365 permissions decide workspace access.
  • Orbit adds product controls for invites, note sharing, comments, collaboration, search, and admin review.
  • AI clients are optional and require organization approval and user authorization.
  • External guest sharing depends on Microsoft 365 policy and Orbit availability in the tenant.

Microsoft 365 storage permissions are the security boundary for workspace files. Orbit also checks access before opening notes, sharing files, editing content, or allowing collaboration.

Workspace access can come from:

  • Microsoft 365 access to the workspace location.
  • An Orbit workspace invite that grants Microsoft 365 access.
  • A note-specific share for one note.
  • Tenant admin or owner roles where admin views are allowed.

Direct note shares are additive. They can grant access to one note without granting access to the full workspace.

Current Orbit workspace invites and note shares are designed for internal tenant users. External guest workflows depend on Microsoft 365 policy and Orbit availability; do not assume external sharing is available unless your tenant has tested it.

If sensitive content is involved, share the smallest scope that solves the problem.

Orbit lets an allowed AI client read and write through Orbit’s permission model. It does not bypass Microsoft 365 permissions.

Before connecting an AI client:

  • Confirm the client is allowed by your organization.
  • Review the client’s retention, logging, and training policy.
  • Use note context for narrow edits.
  • Use workspace context only for workspace-wide search or organization tasks.
  • Review AI-written changes before treating them as final.
  • Use Orbit skills when the client supports Agent Skills.

Orbit relies on Microsoft 365 for file-level version history, retention policies, and recycle-bin recovery outside Orbit.

Orbit Recently Deleted is a product-level recovery flow for Orbit notes and skill files. It requires write access. Other file types may follow Microsoft 365 deletion and recovery behavior.