{"id":22465,"date":"2026-02-26T09:00:00","date_gmt":"2026-02-26T17:00:00","guid":{"rendered":"https:\/\/www.microsoft.com\/insidetrack\/blog\/?p=22465"},"modified":"2026-03-05T09:10:07","modified_gmt":"2026-03-05T17:10:07","slug":"protecting-anonymity-at-scale-how-we-built-cloud-first-hidden-membership-groups-at-microsoft","status":"publish","type":"post","link":"https:\/\/www.microsoft.com\/insidetrack\/blog\/protecting-anonymity-at-scale-how-we-built-cloud-first-hidden-membership-groups-at-microsoft\/","title":{"rendered":"Protecting anonymity at scale: How we built cloud-first hidden membership groups at Microsoft"},"content":{"rendered":"\n<p class=\"wp-block-paragraph\">Some Microsoft employee groups can\u2019t afford to be visible.<\/p>\n\n\n\n<p class=\"wp-block-paragraph\">For years, we supported email\u2011based communities internally here at Microsoft whose very existence depends on anonymity. These include employee resource groups, confidential project teams, and other sensitive audiences where simply revealing who belongs can create real\u2011world risk.<\/p>\n\n\n\n<p class=\"wp-block-paragraph\">Traditional distribution groups make membership discoverable by default. Owners can see members. Admins can see members. In some cases, other users can infer membership through directory queries or tooling.<\/p>\n\n\n\n<p class=\"wp-block-paragraph\">That model doesn\u2019t work when anonymity is a requirement.<\/p>\n\n\n\n<figure class=\"wp-block-image alignright size-full is-resized\"><img loading=\"lazy\" decoding=\"async\" width=\"500\" height=\"500\" src=\"https:\/\/www.microsoft.com\/insidetrack\/blog\/uploads\/prod\/2026\/02\/Brett-Reifers.png\" alt=\"A photo of Reifers. \" class=\"wp-image-22469\" style=\"width:150px\" srcset=\"https:\/\/www.microsoft.com\/insidetrack\/blog\/uploads\/prod\/2026\/02\/Brett-Reifers.png 500w, https:\/\/www.microsoft.com\/insidetrack\/blog\/uploads\/prod\/2026\/02\/Brett-Reifers-300x300.png 300w, https:\/\/www.microsoft.com\/insidetrack\/blog\/uploads\/prod\/2026\/02\/Brett-Reifers-150x150.png 150w\" sizes=\"auto, (max-width: 500px) 100vw, 500px\" \/><\/figure>\n\n\n\n<blockquote class=\"wp-block-quote is-layout-flow wp-block-quote-is-layout-flow\">\n<p class=\"wp-block-paragraph\">\u201cWhen the SFI wave hit, it was made clear to us that we needed to keep our people safe, and to do that, we needed to build a new hidden memberships group MVP. We needed to raise the bar with modern groups, and we needed to do it in six months or miss meeting our goals.\u201d<\/p>\n<cite>Brett Reifers, senior product manager, Microsoft Digital<\/cite><\/blockquote>\n\n\n\n<p class=\"wp-block-paragraph\">For over 15 years, we relied on a custom, on\u2011premises solution that enabled employees to send and receive messages through groups with fully hidden memberships.<\/p>\n\n\n\n<aside class=\"wp-block-group aside-for-guide has-white-200-background-color has-background has-global-padding is-content-justification-right is-layout-constrained wp-container-core-group-is-layout-3f1abf08 wp-block-group-is-layout-constrained\" style=\"border-radius:10px;padding-top:var(--wp--preset--spacing--spacing-12);padding-right:var(--wp--preset--spacing--spacing-12);padding-bottom:var(--wp--preset--spacing--spacing-12);padding-left:var(--wp--preset--spacing--spacing-12)\">\n<div class=\"wp-block-group is-nowrap is-layout-flex wp-container-core-group-is-layout-298f84b7 wp-block-group-is-layout-flex\" style=\"margin-top:0;margin-bottom:0;padding-top:0;padding-bottom:0\">\n<figure class=\"wp-block-image size-full is-resized\"><img loading=\"lazy\" decoding=\"async\" width=\"132\" height=\"132\" src=\"https:\/\/www.microsoft.com\/insidetrack\/blog\/uploads\/prod\/2025\/10\/Engage-with-our-experts_blogs.png\" alt=\"\" class=\"wp-image-20636\" style=\"width:48px\"\/><\/figure>\n\n\n\n<p class=\"has-body-lg-font-size wp-block-paragraph\"><strong>Engage with our experts!<\/strong><\/p>\n<\/div>\n\n\n\n<p class=\"wp-block-paragraph\" style=\"margin-top:var(--wp--preset--spacing--spacing-4)\">Customers or Microsoft account team representatives from Fortune 500 companies are welcome to <a href=\"mailto:msitstaff@microsoft.com\">request a virtual engagement<\/a> on this topic with experts from our Microsoft Digital team.<\/p>\n<\/aside>\n\n\n\n<p class=\"wp-block-paragraph\">The system worked, but we were deprecating the Microsoft Exchange servers that it ran on. At the same time, we were also deploying our <a href=\"https:\/\/learn.microsoft.com\/en-us\/security\/zero-trust\/sfi\/secure-future-initiative-overview\" target=\"_blank\" rel=\"noreferrer noopener\">Secure Future Initiative (SFI)<\/a>, which required us to reassess legacy systems that could expose sensitive data or slow incident response, including hidden membership groups.<\/p>\n\n\n\n<p class=\"wp-block-paragraph\">The system wasn\u2019t broken, but it represented concentrated risk simply by existing outside our modern cloud controls and monitoring.<\/p>\n\n\n\n<p class=\"wp-block-paragraph\">\u201cWhen the SFI wave hit, it was made clear to us that we needed to keep our people safe, and to do that, we needed to build a new hidden memberships group MVP,\u201d says Brett Reifers, a product manager in Microsoft Digital, the company&#8217;s IT organization. \u201cWe needed to raise the bar with modern groups, and we needed to do it in six months or miss meeting our goals.\u201d<\/p>\n\n\n\n<p class=\"wp-block-paragraph\">The mandate was clear. Preserve anonymity, eliminate on\u2011premises dependencies, and do it quickly.<\/p>\n\n\n\n<figure class=\"wp-block-image alignright size-full is-resized\"><img loading=\"lazy\" decoding=\"async\" width=\"500\" height=\"500\" src=\"https:\/\/www.microsoft.com\/insidetrack\/blog\/uploads\/prod\/2026\/02\/Nate-Carson.png\" alt=\"A photo of Carson.\" class=\"wp-image-22470\" style=\"width:150px\" srcset=\"https:\/\/www.microsoft.com\/insidetrack\/blog\/uploads\/prod\/2026\/02\/Nate-Carson.png 500w, https:\/\/www.microsoft.com\/insidetrack\/blog\/uploads\/prod\/2026\/02\/Nate-Carson-300x300.png 300w, https:\/\/www.microsoft.com\/insidetrack\/blog\/uploads\/prod\/2026\/02\/Nate-Carson-150x150.png 150w\" sizes=\"auto, (max-width: 500px) 100vw, 500px\" \/><\/figure>\n\n\n\n<blockquote class=\"wp-block-quote is-layout-flow wp-block-quote-is-layout-flow\">\n<p class=\"wp-block-paragraph\">\u201cOur solution would enable us to deprecate our legacy on-premises Exchange hardware while maintaining the privacy of our employee groups, and it would do so in a cloud-first manner.\u201d<\/p>\n<cite><strong>Nate Carson, principal service engineer, Microsoft Digital<\/strong><\/cite><\/blockquote>\n\n\n\n<p class=\"wp-block-paragraph\">Instead of retrofitting hidden membership into standard Microsoft 365 groups, we asked a different question: What if the group lived somewhere else entirely? What if users interacted with a simple, secure front end, while all membership expansion and mail flow occurred in a locked\u2011down tenant built specifically for this purpose?<\/p>\n\n\n\n<p class=\"wp-block-paragraph\">That idea became the foundation for Hidden Membership Groups: A new cloud\u2011first architecture that would separate user experience, leverage first\u2011party Microsoft services, and keep our group memberships hidden from everyone\u2014including owners and administrators\u2014by design.<\/p>\n\n\n\n<p class=\"wp-block-paragraph\">\u201cOur solution would enable us to deprecate our legacy on-premises Exchange hardware while maintaining the privacy of our employee groups, and it would do so in a cloud-first manner,\u201d says Nate Carson, a principal service engineer in Microsoft Digital.<\/p>\n\n\n\n<p class=\"wp-block-paragraph\">Once we settled on a solution, our next step was to get support for solving a problem not many people thought much about. <\/p>\n\n\n\n<p class=\"wp-block-paragraph\">\u201cNot everyone was aware of how serious of a situation we were in,\u201d Carson says. \u201cWe had to show everyone what was at stake, and to share our solution with them.\u201d<\/p>\n\n\n\n<p class=\"wp-block-paragraph\">After taking their plan on the road, the team got the buy in it needed, and that\u2019s when the real work started. &nbsp;<\/p>\n\n\n\n<h2 class=\"wp-block-heading\">Planning to solve business problems with security built-in<\/h2>\n\n\n\n<p class=\"wp-block-paragraph\">Before we designed anything, we had to be clear about what success meant.<\/p>\n\n\n\n<p class=\"wp-block-paragraph\">Hidden Membership Groups aren\u2019t just another collaboration feature. They support scenarios where anonymity wasn\u2019t optional\u2014it\u2019s foundational. That reality shaped every requirement that we built into our solution, including:<\/p>\n\n\n\n<p class=\"wp-block-paragraph\"><strong>1. Absolute privacy<\/strong><\/p>\n\n\n\n<p class=\"wp-block-paragraph\">Group membership couldn\u2019t be immediately visible to users, group owners, or administrators\u2013under any circumstances. That requirement immediately ruled out standard group models.<\/p>\n\n\n\n<p class=\"wp-block-paragraph\"><strong>2. Cloud only<\/strong><\/p>\n\n\n\n<p class=\"wp-block-paragraph\">Any new solution had to live entirely in our cloud, use first\u2011party services, and align with modern identity, security, and compliance practices. On\u2011premises infrastructure wasn\u2019t an option.<\/p>\n\n\n\n<p class=\"wp-block-paragraph\"><strong>3. Scale<\/strong><\/p>\n\n\n\n<p class=\"wp-block-paragraph\">Some groups had a handful of members. Others had tens of thousands. Membership changed frequently, and those changes had to propagate safely and predictably without exposing data or degrading performance.<\/p>\n\n\n\n<p class=\"wp-block-paragraph\"><strong>4. Separation of concerns<\/strong><\/p>\n\n\n\n<p class=\"wp-block-paragraph\">User interaction and membership truth couldn\u2019t live in the same place. Employees needed a simple way to discover groups, request access, and manage participation, without ever interacting with the system that stored or expanded membership.<\/p>\n\n\n\n<p class=\"wp-block-paragraph\"><strong>5. Self\u2011service with guardrails<\/strong><\/p>\n\n\n\n<p class=\"wp-block-paragraph\">The solution needed to reduce operational overhead, not introduce a new bottleneck. Group lifecycle management had to be automated, auditable, and secure, while still giving teams flexibility.<\/p>\n\n\n\n<p class=\"wp-block-paragraph\"><strong>6. Simple to use<\/strong><\/p>\n\n\n\n<p class=\"wp-block-paragraph\">Employees shouldn\u2019t need special training. They shouldn\u2019t need to understand tenants, identity synchronization, or mail routing. The experience needed to be intuitive, consistent, and accessible\u2014without compromising security.<\/p>\n\n\n\n<p class=\"wp-block-paragraph\">Once those requirements were clear, our solution started to emerge. Incremental changes wouldn\u2019t be enough. A traditional group model wouldn\u2019t work. The solution required a new architecture\u2014one designed around isolation, automation, and intentional limitation.<\/p>\n\n\n\n<p class=\"wp-block-paragraph\">That\u2019s when we started the engineering work.<\/p>\n\n\n\n<h2 class=\"wp-block-heading\">Creating a cloud-first architecture<\/h2>\n\n\n\n<p class=\"wp-block-paragraph\">Designing for hidden membership meant eliminating ambiguity. If any surface could reveal membership, even indirectly, it didn\u2019t belong in the design.<\/p>\n\n\n\n<p class=\"wp-block-paragraph\">That constraint led us toward a model built on strict isolation, explicit APIs, and intentionally narrow interfaces. The result is straightforward to use, but deliberately difficult to interrogate.<\/p>\n\n\n\n<h3 class=\"wp-block-heading\">Two tenants, with sharply separated responsibilities<\/h3>\n\n\n\n<p class=\"wp-block-paragraph\">At the foundation of the solution is a two\u2011tenant model.<\/p>\n\n\n\n<p class=\"wp-block-paragraph\">Our primary Microsoft 365 tenant is where employees authenticate, discover groups, and initiate actions. A secondary, isolated tenant hosts the distribution lists and performs mail expansion for Hidden Membership Groups.<\/p>\n\n\n\n<figure class=\"wp-block-image alignright size-full is-resized\"><img loading=\"lazy\" decoding=\"async\" width=\"500\" height=\"500\" src=\"https:\/\/www.microsoft.com\/insidetrack\/blog\/uploads\/prod\/2026\/02\/Chad-Mace.png\" alt=\"A photo of Mace. \" class=\"wp-image-22471\" style=\"width:150px\" srcset=\"https:\/\/www.microsoft.com\/insidetrack\/blog\/uploads\/prod\/2026\/02\/Chad-Mace.png 500w, https:\/\/www.microsoft.com\/insidetrack\/blog\/uploads\/prod\/2026\/02\/Chad-Mace-300x300.png 300w, https:\/\/www.microsoft.com\/insidetrack\/blog\/uploads\/prod\/2026\/02\/Chad-Mace-150x150.png 150w\" sizes=\"auto, (max-width: 500px) 100vw, 500px\" \/><\/figure>\n\n\n\n<blockquote class=\"wp-block-quote is-layout-flow wp-block-quote-is-layout-flow\">\n<p class=\"wp-block-paragraph\">\u201cTenant isolation is what makes the privacy guarantee real. By moving membership expansion to a tenant that users and owners can\u2019t access, we removed the possibility of accidental exposure. The system simply doesn\u2019t give you a place where membership can be seen.\u201d<\/p>\n<cite>Chad Mace, principal architect, Microsoft Digital<\/cite><\/blockquote>\n\n\n\n<p class=\"wp-block-paragraph\">That separation matters because the secondary tenant isn\u2019t designed for interactive use. Only Exchange and the minimum directory constructs required for mail routing and expansion are enabled.<\/p>\n\n\n\n<p class=\"wp-block-paragraph\">Operationally, when an employee sends email to a Hidden Membership Group, they send to a mail contact visible in the corporate tenant. That contact routes to the corresponding distribution group in the isolated tenant, where membership expansion occurs. Expanded messages are then delivered back in recipients\u2019 inboxes in the corporate tenant, so sent and received mail lives where users already work.<\/p>\n\n\n\n<p class=\"wp-block-paragraph\">\u201cTenant isolation is what makes the privacy guarantee real,\u201d says Chad Mace, a principal architect in Microsoft Digital. \u201cBy moving membership expansion to a tenant that users and owners can\u2019t access, we removed the possibility of accidental exposure. The system simply doesn\u2019t give you a place where membership can be seen.\u201d<\/p>\n\n\n\n<h3 class=\"wp-block-heading\">Identity without interactive access<\/h3>\n\n\n\n<p class=\"wp-block-paragraph\">This isolated tenant only works if it can resolve recipients. To enable that, our development team used Microsoft Entra ID multi\u2011tenant organization identity sync to represent corporate users in the secondary tenant.<\/p>\n\n\n\n<p class=\"wp-block-paragraph\">These identities are treated as business guest identities, and we disable sign\u2011in to prevent interactive access. The tenant can perform expansion, but nothing more.<\/p>\n\n\n\n<p class=\"wp-block-paragraph\">However, complete isolation wasn\u2019t technically possible. Privileged access always exists at some level. The design response was to minimize that exposure. Access to the isolated tenant is tightly restricted, and membership changes flow through automation rather than broad UI-based administration.<\/p>\n\n\n\n<p class=\"wp-block-paragraph\">The goal: reduce exposure to the smallest viable operational group.<\/p>\n\n\n\n<h3 class=\"wp-block-heading\">API-first automation as the control plane<\/h3>\n\n\n\n<p class=\"wp-block-paragraph\">With tenancy and identity model established, the team needed a single, consistent way to create groups, connect objects across tenants, and manage changes without introducing new administrative workflows. That\u2019s where the APIs come in.<\/p>\n\n\n\n<figure class=\"wp-block-image alignright size-full is-resized\"><img loading=\"lazy\" decoding=\"async\" width=\"500\" height=\"500\" src=\"https:\/\/www.microsoft.com\/insidetrack\/blog\/uploads\/prod\/2026\/02\/John-Pena-II.png\" alt=\"A photo of Pena II.\" class=\"wp-image-22472\" style=\"width:150px\" srcset=\"https:\/\/www.microsoft.com\/insidetrack\/blog\/uploads\/prod\/2026\/02\/John-Pena-II.png 500w, https:\/\/www.microsoft.com\/insidetrack\/blog\/uploads\/prod\/2026\/02\/John-Pena-II-300x300.png 300w, https:\/\/www.microsoft.com\/insidetrack\/blog\/uploads\/prod\/2026\/02\/John-Pena-II-150x150.png 150w\" sizes=\"auto, (max-width: 500px) 100vw, 500px\" \/><\/figure>\n\n\n\n<blockquote class=\"wp-block-quote is-layout-flow wp-block-quote-is-layout-flow\">\n<p class=\"wp-block-paragraph\">\u201cWe split the backend into multiple APIs so the system could scale without becoming fragile. That let us separate everyday operations from high-volume membership work and keep performance predictable.\u201d<\/p>\n<cite>John Pena II, principal software engineer, Microsoft Digital<\/cite><\/blockquote>\n\n\n\n<p class=\"wp-block-paragraph\">The backend is intentionally modular, split into three distinct APIs:<\/p>\n\n\n\n<ul class=\"wp-block-list\">\n<li class=\"wp-block-list-item\">The <strong>control API<\/strong> handles group creation, configuration, and cross\u2011tenant coordination.<\/li>\n\n\n\n<li class=\"wp-block-list-item\">The <strong>membership API<\/strong> handles standard add and remove operations.<\/li>\n\n\n\n<li class=\"wp-block-list-item\">The <strong>bulk membership APIs<\/strong> handle large\u2011scale operations involving tens of thousands of users, with services designed to run long\u2011lived jobs, manage throttling, and recover from partial failures.<\/li>\n<\/ul>\n\n\n\n<p class=\"wp-block-paragraph\">\u201cWe split the backend into multiple APIs so the system could scale without becoming fragile,\u201d says John Pena II, a principal software engineer in Microsoft Digital. \u201cThat let us separate everyday operations from high-volume membership work and keep performance predictable.\u201d<\/p>\n\n\n\n<p class=\"wp-block-paragraph\">The APIs run as PowerShell-based Azure Functions and use managed identity patterns, including federated identity credentials, to securely connect across tenants.<\/p>\n\n\n\n<h3 class=\"wp-block-heading\">Creating the user experience with PowerApps<\/h3>\n\n\n\n<p class=\"wp-block-paragraph\">For the front end, we built a Canvas app in Power Apps, backed by Dataverse. The goal was speed and flexibility, without compromising strict privacy boundaries.<\/p>\n\n\n\n<p class=\"wp-block-paragraph\">By using Power Apps as the primary interaction layer, we deliver a secure, modern experience without unnecessary custom infrastructure. The Canvas app provides a single, focused surface for discovering, joining, and managing hidden membership groups, while all sensitive operations remain behind controlled APIs and tenant boundaries. This separation allows the team to iterate quickly on experience design without weakening the privacy guarantees that the solution depends on.<\/p>\n\n\n\n<p class=\"wp-block-paragraph\">Power Platform also simplifies how security is being enforced across the solution. Dataverse enables fine\u2011grained, role\u2011based access, ensuring users only see data they\u2019re entitled to see\u2014while keeping sensitive membership information entirely out of the client layer. That reduces long\u2011term maintenance overhead and makes it easier to evolve the solution as requirements change.<\/p>\n\n\n\n<p class=\"wp-block-paragraph\">\u201cFrom the beginning, we designed everything with security roles and workflows in mind,\u201d says Shiva Krishna Gollapelly, senior software engineer in Microsoft Digital. \u201cDataverse let us control who could see or change data without building additional APIs or storage layers, and keeping everything inside the Power Apps ecosystem saved us a lot of maintenance over time.\u201d<\/p>\n\n\n\n<p class=\"wp-block-paragraph\">Dataverse plays a precise role here: it maintains the datastore the app needs to function without becoming a secondary membership repository.<\/p>\n\n\n\n<figure class=\"wp-block-image alignright size-full is-resized\"><img loading=\"lazy\" decoding=\"async\" width=\"500\" height=\"500\" src=\"https:\/\/www.microsoft.com\/insidetrack\/blog\/uploads\/prod\/2026\/02\/Bita-Amanishahrak.png\" alt=\"A photo of Amanishahrak.\" class=\"wp-image-22473\" style=\"width:150px\" srcset=\"https:\/\/www.microsoft.com\/insidetrack\/blog\/uploads\/prod\/2026\/02\/Bita-Amanishahrak.png 500w, https:\/\/www.microsoft.com\/insidetrack\/blog\/uploads\/prod\/2026\/02\/Bita-Amanishahrak-300x300.png 300w, https:\/\/www.microsoft.com\/insidetrack\/blog\/uploads\/prod\/2026\/02\/Bita-Amanishahrak-150x150.png 150w\" sizes=\"auto, (max-width: 500px) 100vw, 500px\" \/><\/figure>\n\n\n\n<blockquote class=\"wp-block-quote is-layout-flow wp-block-quote-is-layout-flow\">\n<p class=\"wp-block-paragraph\">\u201cUsing the Power Platform let us move fast, integrate deeply with Microsoft identity, and enforce security without building a full web stack from scratch.\u201d<\/p>\n<cite>Bita Amanishahrak, software engineer II, Microsoft Digital<\/cite><\/blockquote>\n\n\n\n<p class=\"wp-block-paragraph\">From a security posture perspective, Dataverse security is used intentionally to restrict what different users can see and do, and the Power App was developed with security roles and workflows in mind.<\/p>\n\n\n\n<p class=\"wp-block-paragraph\">Short version: the app brokers intent, the APIs execute it, and all the pieces that need to stay separate do exactly that.<\/p>\n\n\n\n<p class=\"wp-block-paragraph\">\u201cUsing the Power Platform let us move fast, integrate deeply with Microsoft identity, and enforce security without building a full web stack from scratch,\u201d says Bita Amanishahrak, a software engineer in Microsoft Digital.<\/p>\n\n\n\n<p class=\"wp-block-paragraph\">The architectural intent is consistent throughout\u2014isolate the sensitive plane and ensure the user plane operates only through controlled interfaces.<\/p>\n\n\n\n<h2 class=\"wp-block-heading\">Benefits and impact<\/h2>\n\n\n\n<p class=\"wp-block-paragraph\">The most important outcome of the new architecture is also the simplest: Hidden membership stays hidden.<\/p>\n\n\n\n<p class=\"wp-block-paragraph\">Anonymity isn\u2019t enforced by policy. It\u2019s enforced by architecture. Membership data never appears in the user experience or administrative tooling, and it doesn\u2019t surface as a side effect of scale.<\/p>\n\n\n\n<p class=\"wp-block-paragraph\">\u201cWe\u2019re no longer asking people to trust that we\u2019ll handle sensitive membership carefully through process,\u201d Reifers says. \u201cThe system makes exposure structurally impossible.\u201d<\/p>\n\n\n\n<p class=\"wp-block-paragraph\">The impact was immediate.<\/p>\n\n\n\n<p class=\"wp-block-paragraph\">At launch, we migrated more than 2,200 hidden membership groups, representing over 200,000 users, from the legacy on\u2011premises system into the new cloud\u2011first architecture. Groups ranged from small, tightly controlled communities to audiences with tens of thousands of members, all supported without special handling.<\/p>\n\n\n\n<p class=\"wp-block-paragraph\">\u201cSome of these groups are massive,\u201d Pena says. \u201cWe knew from the beginning we were dealing with memberships in the tens of thousands, which is why we designed bulk operations as a first\u2011class capability instead of an afterthought.\u201d<\/p>\n\n\n\n<p class=\"wp-block-paragraph\">The separation between routine APIs and bulk\u2011membership APIs proved critical, enabling large migrations and ongoing changes without degrading day-to-day performance.<\/p>\n\n\n\n<p class=\"wp-block-paragraph\">Operationally, moving to a cloud\u2011only model reduced both risk and complexity. Decommissioning the on\u2011premises Exchange infrastructure eliminated specialized maintenance requirements and improved monitoring, auditing, and access controls alignment with our modern cloud standards.<\/p>\n\n\n\n<p class=\"wp-block-paragraph\">Delivery speed also mattered. Driven by Secure Future Initiative urgency and strong executive sponsorship, the team designed and delivered a minimum viable product in less than six months.<\/p>\n\n\n\n<p class=\"wp-block-paragraph\">\u201cThat timeline forced discipline,\u201d Reifers says. \u201cWe focused on what mattered: Security, privacy guarantees, scale, and a UX that wouldn\u2019t disrupt group owners and\/or members that had relied on a 15-year old tool.\u201d<\/p>\n\n\n\n<p class=\"wp-block-paragraph\">Everything else was secondary.<\/p>\n\n\n\n<figure class=\"wp-block-image alignright size-full is-resized\"><img loading=\"lazy\" decoding=\"async\" width=\"500\" height=\"500\" src=\"https:\/\/www.microsoft.com\/insidetrack\/blog\/uploads\/prod\/2026\/02\/Shiva-Krishna-Gollapelly.png\" alt=\"A photo of Gollapelly.\" class=\"wp-image-22474\" style=\"width:150px\" srcset=\"https:\/\/www.microsoft.com\/insidetrack\/blog\/uploads\/prod\/2026\/02\/Shiva-Krishna-Gollapelly.png 500w, https:\/\/www.microsoft.com\/insidetrack\/blog\/uploads\/prod\/2026\/02\/Shiva-Krishna-Gollapelly-300x300.png 300w, https:\/\/www.microsoft.com\/insidetrack\/blog\/uploads\/prod\/2026\/02\/Shiva-Krishna-Gollapelly-150x150.png 150w\" sizes=\"auto, (max-width: 500px) 100vw, 500px\" \/><\/figure>\n\n\n\n<blockquote class=\"wp-block-quote is-layout-flow wp-block-quote-is-layout-flow\">\n<p class=\"wp-block-paragraph\">\u201cMost users never think about tenants or APIs. They just see a clean experience that does what they need, without exposing anything it shouldn\u2019t.\u201d<\/p>\n<cite>Shiva Krishna Gollapelly, senior software engineer, Microsoft Digital<\/cite><\/blockquote>\n\n\n\n<p class=\"wp-block-paragraph\">From an employee perspective, the experience became simpler and safer. Users now interact through a Power Platform app consistent with the rest of Microsoft 365. <\/p>\n\n\n\n<p class=\"wp-block-paragraph\">Discovering a group, requesting access, or leaving a group no longer requires understanding the architecture behind it.<\/p>\n\n\n\n<p class=\"wp-block-paragraph\">\u201cMost users never think about tenants or APIs,\u201d Gollapelly says. \u201cThey just see a clean experience that does what they need, without exposing anything it shouldn\u2019t.\u201d<\/p>\n\n\n\n<p class=\"wp-block-paragraph\">The result is sustainable. The platform protects anonymity at scale, simplifies operations, boosts resiliency, and can evolve without reopening core privacy questions.<\/p>\n\n\n\n<h2 class=\"wp-block-heading\">Moving forward<\/h2>\n\n\n\n<p class=\"wp-block-paragraph\">Delivering the initial solution was only the beginning.<\/p>\n\n\n\n<p class=\"wp-block-paragraph\">The team sees Hidden Membership Groups as more than a single solution. It\u2019s a reusable pattern for sensitive collaboration in a cloud\u2011first world: isolate what matters most, automate everything else, and design experiences that don\u2019t require trust to be safe.<\/p>\n\n\n\n<p class=\"wp-block-paragraph\">As adoption grows, the team plans to support additional anonymity-sensitive scenarios while maintaining the same underlying model.<\/p>\n\n\n\n<p class=\"wp-block-paragraph\">\u201cWe don\u2019t want every sensitive scenario inventing its own workaround,\u201d Mace says. \u201cThis gives us a pattern we can reuse confidently.\u201d<\/p>\n\n\n\n<p class=\"wp-block-paragraph\">Future priorities include improving lifecycle and ownership experiences, strengthening auditing and reporting for approved administrators, and enhancing self\u2011service workflows\u2014without compromising membership privacy. If it risks exposing membership, it doesn\u2019t ship.<\/p>\n\n\n\n<p class=\"wp-block-paragraph\">With the legacy system fully retired, Reifers reflects on what the team accomplished to get here.<\/p>\n\n\n\n<p class=\"wp-block-paragraph\">\u201cWe shipped a new enterprise pattern in six months using our first party tools,\u201d Reifers says. \u201cWe achieved this because a stellar team cared about the mission. That&#8217;s the takeaway.\u201d<\/p>\n\n\n\n<div class=\"wp-block-group has-global-padding is-content-justification-left is-layout-constrained wp-container-core-group-is-layout-c0392459 wp-block-group-is-layout-constrained\" style=\"padding-right:0;padding-left:0\">\n<div class=\"wp-block-group has-global-padding is-layout-constrained wp-container-core-group-is-layout-7db9d80f wp-block-group-is-layout-constrained\" style=\"padding-right:0;padding-left:0\">\n<figure class=\"wp-block-image alignleft size-full is-resized\"><img loading=\"lazy\" decoding=\"async\" width=\"190\" height=\"190\" src=\"https:\/\/www.microsoft.com\/insidetrack\/blog\/uploads\/prod\/2025\/07\/Key-takeaways-badge.png\" alt=\"\" class=\"wp-image-19493\" style=\"object-fit:cover;width:75px;height:75px\" srcset=\"https:\/\/www.microsoft.com\/insidetrack\/blog\/uploads\/prod\/2025\/07\/Key-takeaways-badge.png 190w, https:\/\/www.microsoft.com\/insidetrack\/blog\/uploads\/prod\/2025\/07\/Key-takeaways-badge-150x150.png 150w\" sizes=\"auto, (max-width: 190px) 100vw, 190px\" \/><\/figure>\n\n\n\n<p class=\"has-body-xl-font-size wp-block-paragraph\" style=\"margin-top:var(--wp--preset--spacing--spacing-24);margin-bottom:0;padding-top:var(--wp--preset--spacing--spacing-24)\">Key takeaways<\/p>\n<\/div>\n\n\n\n<p class=\"wp-block-paragraph\">Use these tips to strengthen your privacy, simplify your operations, and future-proof your organization\u2019s collaboration systems:<\/p>\n\n\n\n<ul class=\"wp-block-list\">\n<li class=\"wp-block-list-item\"><strong>Prioritize privacy by design.<\/strong> Embed privacy considerations from the start to protect sensitive information in all collaboration scenarios.<\/li>\n\n\n\n<li class=\"wp-block-list-item\"><strong>Architect for scale. <\/strong>Treat bulk operations to support large groups efficiently as a first-class capability.<\/li>\n\n\n\n<li class=\"wp-block-list-item\"><strong>Automate and modernize workflows.<\/strong> Replace legacy systems with cloud-native solutions to reduce risk, improve transparency, and enable continuous improvement.<\/li>\n\n\n\n<li class=\"wp-block-list-item\"><strong>Streamline user experience.<\/strong> Provide intuitive, consistent interfaces that make it easy for users to access, join, or leave groups without requiring technical knowledge.<\/li>\n\n\n\n<li class=\"wp-block-list-item\"><strong>Enforce strict access and auditing controls.<\/strong> Align monitoring and administration with modern cloud standards to maintain security and accountability.<\/li>\n\n\n\n<li class=\"wp-block-list-item\"><strong>Create reusable patterns.<\/strong> Establish and share successful privacy patterns to avoid reinventing solutions for each new case.<\/li>\n\n\n\n<li class=\"wp-block-list-item\"><strong>Focus on operational simplicity and resilience.<\/strong> Design systems that are easy to maintain and improve, freeing up teams to concentrate on innovation rather than upkeep.<\/li>\n<\/ul>\n<\/div>\n\n\n\n<div class=\"wp-block-group has-global-padding is-content-justification-left is-layout-constrained wp-container-core-group-is-layout-c0392459 wp-block-group-is-layout-constrained\" style=\"padding-right:0;padding-left:0\">\n<div class=\"wp-block-group has-global-padding is-layout-constrained wp-container-core-group-is-layout-7db9d80f wp-block-group-is-layout-constrained\" style=\"padding-right:0;padding-left:0\">\n<figure class=\"wp-block-image alignleft size-full is-resized\"><img loading=\"lazy\" decoding=\"async\" width=\"190\" height=\"190\" src=\"https:\/\/www.microsoft.com\/insidetrack\/blog\/uploads\/prod\/2025\/07\/Try-it-out-badge.png\" alt=\"\" class=\"wp-image-19492\" style=\"object-fit:cover;width:75px;height:75px\" srcset=\"https:\/\/www.microsoft.com\/insidetrack\/blog\/uploads\/prod\/2025\/07\/Try-it-out-badge.png 190w, https:\/\/www.microsoft.com\/insidetrack\/blog\/uploads\/prod\/2025\/07\/Try-it-out-badge-150x150.png 150w\" sizes=\"auto, (max-width: 190px) 100vw, 190px\" \/><\/figure>\n\n\n\n<p class=\"has-body-xl-font-size wp-block-paragraph\" style=\"margin-top:var(--wp--preset--spacing--spacing-24);margin-bottom:0;padding-top:var(--wp--preset--spacing--spacing-24)\">Try it out<\/p>\n<\/div>\n\n\n\n<p class=\"wp-block-paragraph\"><a href=\"https:\/\/learn.microsoft.com\/power-platform\/overview?OCID=InsideTrack_Product_10801\" target=\"_blank\" rel=\"noreferrer noopener\"><\/a><a href=\"https:\/\/learn.microsoft.com\/en-us\/power-platform\/?OCID=InsideTrack_Product_10801\" target=\"_blank\" rel=\"noreferrer noopener\">Discover how to make the most of Microsoft Power Platform products with online training courses, docs, and videos covering product capabilities and how-to guides.<\/a><\/p>\n<\/div>\n\n\n\n<div class=\"wp-block-group has-global-padding is-content-justification-left is-layout-constrained wp-container-core-group-is-layout-c0392459 wp-block-group-is-layout-constrained\" style=\"padding-right:0;padding-left:0\">\n<div class=\"wp-block-group has-global-padding is-layout-constrained wp-container-core-group-is-layout-7db9d80f wp-block-group-is-layout-constrained\" style=\"padding-right:0;padding-left:0\">\n<figure class=\"wp-block-image alignleft size-full is-resized\"><img loading=\"lazy\" decoding=\"async\" width=\"190\" height=\"190\" src=\"https:\/\/www.microsoft.com\/insidetrack\/blog\/uploads\/prod\/2025\/07\/Related-links-badge.png\" alt=\"\" class=\"wp-image-19491\" style=\"object-fit:cover;width:75px;height:75px\" srcset=\"https:\/\/www.microsoft.com\/insidetrack\/blog\/uploads\/prod\/2025\/07\/Related-links-badge.png 190w, https:\/\/www.microsoft.com\/insidetrack\/blog\/uploads\/prod\/2025\/07\/Related-links-badge-150x150.png 150w\" sizes=\"auto, (max-width: 190px) 100vw, 190px\" \/><\/figure>\n\n\n\n<p class=\"has-body-xl-font-size wp-block-paragraph\" style=\"margin-top:var(--wp--preset--spacing--spacing-24);margin-bottom:0;padding-top:var(--wp--preset--spacing--spacing-24)\">Related links<\/p>\n<\/div>\n\n\n\n<ul style=\"margin-top:var(--wp--preset--spacing--spacing-20)\" class=\"wp-block-list\">\n<li class=\"wp-block-list-item\"><a href=\"https:\/\/learn.microsoft.com\/power-apps\/powerapps-overview\" target=\"_blank\" rel=\"noreferrer noopener\">Learn more about Power Apps.<\/a><\/li>\n\n\n\n<li class=\"wp-block-list-item\"><a href=\"https:\/\/learn.microsoft.com\/exchange\/exchange-online\" target=\"_blank\" rel=\"noreferrer noopener\">Explore Exchange Online.<\/a><\/li>\n\n\n\n<li class=\"wp-block-list-item\"><a href=\"https:\/\/learn.microsoft.com\/security\/zero-trust\/\" target=\"_blank\" rel=\"noreferrer noopener\">Review our guidance on designing secure, cloud\u2011first architectures aligned with Zero Trust principles.<\/a><\/li>\n\n\n\n<li class=\"wp-block-list-item\"><a href=\"https:\/\/www.microsoft.com\/en-us\/privacy\" type=\"link\" id=\"https:\/\/www.microsoft.com\/en-us\/privacy\" target=\"_blank\" rel=\"noreferrer noopener\">Learn more about Privacy at Microsoft.<\/a><\/li>\n<\/ul>\n<\/div>\n\n\n\n<div class=\"wp-block-group has-global-padding is-content-justification-left is-layout-constrained wp-container-core-group-is-layout-c0392459 wp-block-group-is-layout-constrained\" style=\"padding-right:0;padding-left:0\">\n<div class=\"wp-block-group has-global-padding is-layout-constrained wp-container-core-group-is-layout-7db9d80f wp-block-group-is-layout-constrained\" style=\"padding-right:0;padding-left:0\">\n<figure class=\"wp-block-image alignleft size-full is-resized\"><img loading=\"lazy\" decoding=\"async\" width=\"190\" height=\"190\" src=\"https:\/\/www.microsoft.com\/insidetrack\/blog\/uploads\/prod\/2025\/07\/Wed-like-to-hear-from-you-badge.png\" alt=\"\" class=\"wp-image-19490\" style=\"object-fit:cover;width:75px;height:75px\" srcset=\"https:\/\/www.microsoft.com\/insidetrack\/blog\/uploads\/prod\/2025\/07\/Wed-like-to-hear-from-you-badge.png 190w, https:\/\/www.microsoft.com\/insidetrack\/blog\/uploads\/prod\/2025\/07\/Wed-like-to-hear-from-you-badge-150x150.png 150w\" sizes=\"auto, (max-width: 190px) 100vw, 190px\" \/><\/figure>\n\n\n\n<p class=\"has-body-xl-font-size wp-block-paragraph\" style=\"margin-top:var(--wp--preset--spacing--spacing-24);margin-bottom:0;padding-top:var(--wp--preset--spacing--spacing-24)\">We&#8217;d like to hear from you!<\/p>\n<\/div>\n\n\n\n<ul style=\"margin-top:var(--wp--preset--spacing--spacing-20)\" class=\"wp-block-list is-style-list-no-bullets\">\n<li class=\"wp-block-list-item\"><a href=\"mailto:msitstaff@microsoft.com\">Want more information? Email us and include a link to this story and we\u2019ll get back to you.<\/a><\/li>\n<\/ul>\n<\/div>\n","protected":false},"excerpt":{"rendered":"<p>Some Microsoft employee groups can\u2019t afford to be visible. For years, we supported email\u2011based communities internally here at Microsoft whose very existence depends on anonymity. These include employee resource groups, confidential project teams, and other sensitive audiences where simply revealing who belongs can create real\u2011world risk. Traditional distribution groups make membership discoverable by default. Owners [&hellip;]<\/p>\n","protected":false},"author":92,"featured_media":22467,"comment_status":"closed","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"_jetpack_newsletter_access":"","_jetpack_dont_email_post_to_subs":true,"_jetpack_newsletter_tier_id":0,"_jetpack_memberships_contains_paywalled_content":false,"_hide_featured_on_single":false,"_show_featured_caption_on_single":true,"_jetpack_memberships_contains_paid_content":false,"footnotes":""},"categories":[71,1],"tags":[328,850,115,849,848],"coauthors":[550],"class_list":["post-22465","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-featured","category-uncategorized","tag-azure-and-cloud-infrastructure","tag-end-user-services-and-support","tag-microsoft-azure","tag-network-and-infrastructure","tag-security-and-risk-management","m-blog-post"],"yoast_head":"<!-- This site is optimized with the Yoast SEO plugin v27.3 - https:\/\/yoast.com\/product\/yoast-seo-wordpress\/ -->\n<title>Protecting anonymity at scale: How we built cloud-first hidden membership groups at Microsoft - Inside Track Blog<\/title>\n<meta name=\"description\" content=\"Discover how we designed a cloud\u2011first architecture that preserves absolute anonymity for sensitive employee groups here at Microsoft.\" \/>\n<meta name=\"robots\" content=\"index, follow, max-snippet:-1, max-image-preview:large, max-video-preview:-1\" \/>\n<link rel=\"canonical\" href=\"https:\/\/www.microsoft.com\/insidetrack\/blog\/protecting-anonymity-at-scale-how-we-built-cloud-first-hidden-membership-groups-at-microsoft\/\" \/>\n<meta property=\"og:locale\" content=\"en_US\" \/>\n<meta property=\"og:type\" content=\"article\" \/>\n<meta property=\"og:title\" content=\"Protecting anonymity at scale: How we built cloud-first hidden membership groups at Microsoft - Inside Track Blog\" \/>\n<meta property=\"og:description\" content=\"Discover how we designed a cloud\u2011first architecture that preserves absolute anonymity for sensitive employee groups here at Microsoft.\" \/>\n<meta property=\"og:url\" content=\"https:\/\/www.microsoft.com\/insidetrack\/blog\/protecting-anonymity-at-scale-how-we-built-cloud-first-hidden-membership-groups-at-microsoft\/\" \/>\n<meta property=\"og:site_name\" content=\"Inside Track Blog\" \/>\n<meta property=\"article:published_time\" content=\"2026-02-26T17:00:00+00:00\" \/>\n<meta property=\"article:modified_time\" content=\"2026-03-05T17:10:07+00:00\" \/>\n<meta property=\"og:image\" content=\"https:\/\/www.microsoft.com\/insidetrack\/blog\/uploads\/prod\/2026\/02\/10800_Hero-image.jpg\" \/>\n\t<meta property=\"og:image:width\" content=\"2300\" \/>\n\t<meta property=\"og:image:height\" content=\"1293\" \/>\n\t<meta property=\"og:image:type\" content=\"image\/jpeg\" \/>\n<meta name=\"author\" content=\"Jason Kellington\" \/>\n<meta name=\"twitter:card\" content=\"summary_large_image\" \/>\n<meta name=\"twitter:label1\" content=\"Written by\" \/>\n\t<meta name=\"twitter:data1\" content=\"Jason Kellington\" \/>\n\t<meta name=\"twitter:label2\" content=\"Est. reading time\" \/>\n\t<meta name=\"twitter:data2\" content=\"13 minutes\" \/>\n<script type=\"application\/ld+json\" class=\"yoast-schema-graph\">{\"@context\":\"https:\\\/\\\/schema.org\",\"@graph\":[{\"@type\":\"Article\",\"@id\":\"https:\\\/\\\/www.microsoft.com\\\/insidetrack\\\/blog\\\/protecting-anonymity-at-scale-how-we-built-cloud-first-hidden-membership-groups-at-microsoft\\\/#article\",\"isPartOf\":{\"@id\":\"https:\\\/\\\/www.microsoft.com\\\/insidetrack\\\/blog\\\/protecting-anonymity-at-scale-how-we-built-cloud-first-hidden-membership-groups-at-microsoft\\\/\"},\"author\":{\"name\":\"Jason Kellington\",\"@id\":\"https:\\\/\\\/www.microsoft.com\\\/insidetrack\\\/blog\\\/#\\\/schema\\\/person\\\/873dfaa69644d9b2e9861bc6dac478b6\"},\"headline\":\"Protecting anonymity at scale: How we built cloud-first hidden membership groups at Microsoft\",\"datePublished\":\"2026-02-26T17:00:00+00:00\",\"dateModified\":\"2026-03-05T17:10:07+00:00\",\"mainEntityOfPage\":{\"@id\":\"https:\\\/\\\/www.microsoft.com\\\/insidetrack\\\/blog\\\/protecting-anonymity-at-scale-how-we-built-cloud-first-hidden-membership-groups-at-microsoft\\\/\"},\"wordCount\":2696,\"image\":{\"@id\":\"https:\\\/\\\/www.microsoft.com\\\/insidetrack\\\/blog\\\/protecting-anonymity-at-scale-how-we-built-cloud-first-hidden-membership-groups-at-microsoft\\\/#primaryimage\"},\"thumbnailUrl\":\"https:\\\/\\\/www.microsoft.com\\\/insidetrack\\\/blog\\\/uploads\\\/prod\\\/2026\\\/02\\\/10800_Hero-image.jpg\",\"keywords\":[\"Azure and cloud infrastructure\",\"End user services and support\",\"Microsoft Azure\",\"Network and infrastructure\",\"Security and risk management\"],\"articleSection\":[\"Featured\"],\"inLanguage\":\"en-US\"},{\"@type\":\"WebPage\",\"@id\":\"https:\\\/\\\/www.microsoft.com\\\/insidetrack\\\/blog\\\/protecting-anonymity-at-scale-how-we-built-cloud-first-hidden-membership-groups-at-microsoft\\\/\",\"url\":\"https:\\\/\\\/www.microsoft.com\\\/insidetrack\\\/blog\\\/protecting-anonymity-at-scale-how-we-built-cloud-first-hidden-membership-groups-at-microsoft\\\/\",\"name\":\"Protecting anonymity at scale: How we built cloud-first hidden membership groups at Microsoft - Inside Track Blog\",\"isPartOf\":{\"@id\":\"https:\\\/\\\/www.microsoft.com\\\/insidetrack\\\/blog\\\/#website\"},\"primaryImageOfPage\":{\"@id\":\"https:\\\/\\\/www.microsoft.com\\\/insidetrack\\\/blog\\\/protecting-anonymity-at-scale-how-we-built-cloud-first-hidden-membership-groups-at-microsoft\\\/#primaryimage\"},\"image\":{\"@id\":\"https:\\\/\\\/www.microsoft.com\\\/insidetrack\\\/blog\\\/protecting-anonymity-at-scale-how-we-built-cloud-first-hidden-membership-groups-at-microsoft\\\/#primaryimage\"},\"thumbnailUrl\":\"https:\\\/\\\/www.microsoft.com\\\/insidetrack\\\/blog\\\/uploads\\\/prod\\\/2026\\\/02\\\/10800_Hero-image.jpg\",\"datePublished\":\"2026-02-26T17:00:00+00:00\",\"dateModified\":\"2026-03-05T17:10:07+00:00\",\"author\":{\"@id\":\"https:\\\/\\\/www.microsoft.com\\\/insidetrack\\\/blog\\\/#\\\/schema\\\/person\\\/873dfaa69644d9b2e9861bc6dac478b6\"},\"description\":\"Discover how we designed a cloud\u2011first architecture that preserves absolute anonymity for sensitive employee groups here at Microsoft.\",\"breadcrumb\":{\"@id\":\"https:\\\/\\\/www.microsoft.com\\\/insidetrack\\\/blog\\\/protecting-anonymity-at-scale-how-we-built-cloud-first-hidden-membership-groups-at-microsoft\\\/#breadcrumb\"},\"inLanguage\":\"en-US\",\"potentialAction\":[{\"@type\":\"ReadAction\",\"target\":[\"https:\\\/\\\/www.microsoft.com\\\/insidetrack\\\/blog\\\/protecting-anonymity-at-scale-how-we-built-cloud-first-hidden-membership-groups-at-microsoft\\\/\"]}]},{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\\\/\\\/www.microsoft.com\\\/insidetrack\\\/blog\\\/protecting-anonymity-at-scale-how-we-built-cloud-first-hidden-membership-groups-at-microsoft\\\/#primaryimage\",\"url\":\"https:\\\/\\\/www.microsoft.com\\\/insidetrack\\\/blog\\\/uploads\\\/prod\\\/2026\\\/02\\\/10800_Hero-image.jpg\",\"contentUrl\":\"https:\\\/\\\/www.microsoft.com\\\/insidetrack\\\/blog\\\/uploads\\\/prod\\\/2026\\\/02\\\/10800_Hero-image.jpg\",\"width\":2300,\"height\":1293,\"caption\":\"Our cloud\u2011first architecture preserves absolute anonymity for sensitive employee groups by separating user experience from membership expansion and enforcing privacy by design.\"},{\"@type\":\"BreadcrumbList\",\"@id\":\"https:\\\/\\\/www.microsoft.com\\\/insidetrack\\\/blog\\\/protecting-anonymity-at-scale-how-we-built-cloud-first-hidden-membership-groups-at-microsoft\\\/#breadcrumb\",\"itemListElement\":[{\"@type\":\"ListItem\",\"position\":1,\"name\":\"Home\",\"item\":\"https:\\\/\\\/www.microsoft.com\\\/insidetrack\\\/blog\\\/\"},{\"@type\":\"ListItem\",\"position\":2,\"name\":\"Protecting anonymity at scale: How we built cloud-first hidden membership groups at Microsoft\"}]},{\"@type\":\"WebSite\",\"@id\":\"https:\\\/\\\/www.microsoft.com\\\/insidetrack\\\/blog\\\/#website\",\"url\":\"https:\\\/\\\/www.microsoft.com\\\/insidetrack\\\/blog\\\/\",\"name\":\"Inside Track Blog\",\"description\":\"How Microsoft does IT\",\"potentialAction\":[{\"@type\":\"SearchAction\",\"target\":{\"@type\":\"EntryPoint\",\"urlTemplate\":\"https:\\\/\\\/www.microsoft.com\\\/insidetrack\\\/blog\\\/?s={search_term_string}\"},\"query-input\":{\"@type\":\"PropertyValueSpecification\",\"valueRequired\":true,\"valueName\":\"search_term_string\"}}],\"inLanguage\":\"en-US\"},{\"@type\":\"Person\",\"@id\":\"https:\\\/\\\/www.microsoft.com\\\/insidetrack\\\/blog\\\/#\\\/schema\\\/person\\\/873dfaa69644d9b2e9861bc6dac478b6\",\"name\":\"Jason Kellington\",\"image\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\\\/\\\/secure.gravatar.com\\\/avatar\\\/d4b158da36ed1724c7b9904b655dca8f848e188c9a11b293da2c41a62cd51391?s=96&d=mm&r=g194a4f0f478cef34134d870cc64e1068\",\"url\":\"https:\\\/\\\/secure.gravatar.com\\\/avatar\\\/d4b158da36ed1724c7b9904b655dca8f848e188c9a11b293da2c41a62cd51391?s=96&d=mm&r=g\",\"contentUrl\":\"https:\\\/\\\/secure.gravatar.com\\\/avatar\\\/d4b158da36ed1724c7b9904b655dca8f848e188c9a11b293da2c41a62cd51391?s=96&d=mm&r=g\",\"caption\":\"Jason Kellington\"},\"url\":\"https:\\\/\\\/www.microsoft.com\\\/insidetrack\\\/blog\\\/author\\\/v-jaske\\\/\"}]}<\/script>\n<!-- \/ Yoast SEO plugin. -->","yoast_head_json":{"title":"Protecting anonymity at scale: How we built cloud-first hidden membership groups at Microsoft - Inside Track Blog","description":"Discover how we designed a cloud\u2011first architecture that preserves absolute anonymity for sensitive employee groups here at Microsoft.","robots":{"index":"index","follow":"follow","max-snippet":"max-snippet:-1","max-image-preview":"max-image-preview:large","max-video-preview":"max-video-preview:-1"},"canonical":"https:\/\/www.microsoft.com\/insidetrack\/blog\/protecting-anonymity-at-scale-how-we-built-cloud-first-hidden-membership-groups-at-microsoft\/","og_locale":"en_US","og_type":"article","og_title":"Protecting anonymity at scale: How we built cloud-first hidden membership groups at Microsoft - Inside Track Blog","og_description":"Discover how we designed a cloud\u2011first architecture that preserves absolute anonymity for sensitive employee groups here at Microsoft.","og_url":"https:\/\/www.microsoft.com\/insidetrack\/blog\/protecting-anonymity-at-scale-how-we-built-cloud-first-hidden-membership-groups-at-microsoft\/","og_site_name":"Inside Track Blog","article_published_time":"2026-02-26T17:00:00+00:00","article_modified_time":"2026-03-05T17:10:07+00:00","og_image":[{"width":2300,"height":1293,"url":"https:\/\/www.microsoft.com\/insidetrack\/blog\/uploads\/prod\/2026\/02\/10800_Hero-image.jpg","type":"image\/jpeg"}],"author":"Jason Kellington","twitter_card":"summary_large_image","twitter_misc":{"Written by":"Jason Kellington","Est. reading time":"13 minutes"},"schema":{"@context":"https:\/\/schema.org","@graph":[{"@type":"Article","@id":"https:\/\/www.microsoft.com\/insidetrack\/blog\/protecting-anonymity-at-scale-how-we-built-cloud-first-hidden-membership-groups-at-microsoft\/#article","isPartOf":{"@id":"https:\/\/www.microsoft.com\/insidetrack\/blog\/protecting-anonymity-at-scale-how-we-built-cloud-first-hidden-membership-groups-at-microsoft\/"},"author":{"name":"Jason Kellington","@id":"https:\/\/www.microsoft.com\/insidetrack\/blog\/#\/schema\/person\/873dfaa69644d9b2e9861bc6dac478b6"},"headline":"Protecting anonymity at scale: How we built cloud-first hidden membership groups at Microsoft","datePublished":"2026-02-26T17:00:00+00:00","dateModified":"2026-03-05T17:10:07+00:00","mainEntityOfPage":{"@id":"https:\/\/www.microsoft.com\/insidetrack\/blog\/protecting-anonymity-at-scale-how-we-built-cloud-first-hidden-membership-groups-at-microsoft\/"},"wordCount":2696,"image":{"@id":"https:\/\/www.microsoft.com\/insidetrack\/blog\/protecting-anonymity-at-scale-how-we-built-cloud-first-hidden-membership-groups-at-microsoft\/#primaryimage"},"thumbnailUrl":"https:\/\/www.microsoft.com\/insidetrack\/blog\/uploads\/prod\/2026\/02\/10800_Hero-image.jpg","keywords":["Azure and cloud infrastructure","End user services and support","Microsoft Azure","Network and infrastructure","Security and risk management"],"articleSection":["Featured"],"inLanguage":"en-US"},{"@type":"WebPage","@id":"https:\/\/www.microsoft.com\/insidetrack\/blog\/protecting-anonymity-at-scale-how-we-built-cloud-first-hidden-membership-groups-at-microsoft\/","url":"https:\/\/www.microsoft.com\/insidetrack\/blog\/protecting-anonymity-at-scale-how-we-built-cloud-first-hidden-membership-groups-at-microsoft\/","name":"Protecting anonymity at scale: How we built cloud-first hidden membership groups at Microsoft - Inside Track Blog","isPartOf":{"@id":"https:\/\/www.microsoft.com\/insidetrack\/blog\/#website"},"primaryImageOfPage":{"@id":"https:\/\/www.microsoft.com\/insidetrack\/blog\/protecting-anonymity-at-scale-how-we-built-cloud-first-hidden-membership-groups-at-microsoft\/#primaryimage"},"image":{"@id":"https:\/\/www.microsoft.com\/insidetrack\/blog\/protecting-anonymity-at-scale-how-we-built-cloud-first-hidden-membership-groups-at-microsoft\/#primaryimage"},"thumbnailUrl":"https:\/\/www.microsoft.com\/insidetrack\/blog\/uploads\/prod\/2026\/02\/10800_Hero-image.jpg","datePublished":"2026-02-26T17:00:00+00:00","dateModified":"2026-03-05T17:10:07+00:00","author":{"@id":"https:\/\/www.microsoft.com\/insidetrack\/blog\/#\/schema\/person\/873dfaa69644d9b2e9861bc6dac478b6"},"description":"Discover how we designed a cloud\u2011first architecture that preserves absolute anonymity for sensitive employee groups here at Microsoft.","breadcrumb":{"@id":"https:\/\/www.microsoft.com\/insidetrack\/blog\/protecting-anonymity-at-scale-how-we-built-cloud-first-hidden-membership-groups-at-microsoft\/#breadcrumb"},"inLanguage":"en-US","potentialAction":[{"@type":"ReadAction","target":["https:\/\/www.microsoft.com\/insidetrack\/blog\/protecting-anonymity-at-scale-how-we-built-cloud-first-hidden-membership-groups-at-microsoft\/"]}]},{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/www.microsoft.com\/insidetrack\/blog\/protecting-anonymity-at-scale-how-we-built-cloud-first-hidden-membership-groups-at-microsoft\/#primaryimage","url":"https:\/\/www.microsoft.com\/insidetrack\/blog\/uploads\/prod\/2026\/02\/10800_Hero-image.jpg","contentUrl":"https:\/\/www.microsoft.com\/insidetrack\/blog\/uploads\/prod\/2026\/02\/10800_Hero-image.jpg","width":2300,"height":1293,"caption":"Our cloud\u2011first architecture preserves absolute anonymity for sensitive employee groups by separating user experience from membership expansion and enforcing privacy by design."},{"@type":"BreadcrumbList","@id":"https:\/\/www.microsoft.com\/insidetrack\/blog\/protecting-anonymity-at-scale-how-we-built-cloud-first-hidden-membership-groups-at-microsoft\/#breadcrumb","itemListElement":[{"@type":"ListItem","position":1,"name":"Home","item":"https:\/\/www.microsoft.com\/insidetrack\/blog\/"},{"@type":"ListItem","position":2,"name":"Protecting anonymity at scale: How we built cloud-first hidden membership groups at Microsoft"}]},{"@type":"WebSite","@id":"https:\/\/www.microsoft.com\/insidetrack\/blog\/#website","url":"https:\/\/www.microsoft.com\/insidetrack\/blog\/","name":"Inside Track Blog","description":"How Microsoft does IT","potentialAction":[{"@type":"SearchAction","target":{"@type":"EntryPoint","urlTemplate":"https:\/\/www.microsoft.com\/insidetrack\/blog\/?s={search_term_string}"},"query-input":{"@type":"PropertyValueSpecification","valueRequired":true,"valueName":"search_term_string"}}],"inLanguage":"en-US"},{"@type":"Person","@id":"https:\/\/www.microsoft.com\/insidetrack\/blog\/#\/schema\/person\/873dfaa69644d9b2e9861bc6dac478b6","name":"Jason Kellington","image":{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/secure.gravatar.com\/avatar\/d4b158da36ed1724c7b9904b655dca8f848e188c9a11b293da2c41a62cd51391?s=96&d=mm&r=g194a4f0f478cef34134d870cc64e1068","url":"https:\/\/secure.gravatar.com\/avatar\/d4b158da36ed1724c7b9904b655dca8f848e188c9a11b293da2c41a62cd51391?s=96&d=mm&r=g","contentUrl":"https:\/\/secure.gravatar.com\/avatar\/d4b158da36ed1724c7b9904b655dca8f848e188c9a11b293da2c41a62cd51391?s=96&d=mm&r=g","caption":"Jason Kellington"},"url":"https:\/\/www.microsoft.com\/insidetrack\/blog\/author\/v-jaske\/"}]}},"jetpack_featured_media_url":"https:\/\/www.microsoft.com\/insidetrack\/blog\/uploads\/prod\/2026\/02\/10800_Hero-image.jpg","jetpack_sharing_enabled":true,"jetpack_shortlink":"https:\/\/wp.me\/p9hcZA-5Ql","_links":{"self":[{"href":"https:\/\/www.microsoft.com\/insidetrack\/blog\/wp-json\/wp\/v2\/posts\/22465","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/www.microsoft.com\/insidetrack\/blog\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.microsoft.com\/insidetrack\/blog\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.microsoft.com\/insidetrack\/blog\/wp-json\/wp\/v2\/users\/92"}],"replies":[{"embeddable":true,"href":"https:\/\/www.microsoft.com\/insidetrack\/blog\/wp-json\/wp\/v2\/comments?post=22465"}],"version-history":[{"count":9,"href":"https:\/\/www.microsoft.com\/insidetrack\/blog\/wp-json\/wp\/v2\/posts\/22465\/revisions"}],"predecessor-version":[{"id":22485,"href":"https:\/\/www.microsoft.com\/insidetrack\/blog\/wp-json\/wp\/v2\/posts\/22465\/revisions\/22485"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/www.microsoft.com\/insidetrack\/blog\/wp-json\/wp\/v2\/media\/22467"}],"wp:attachment":[{"href":"https:\/\/www.microsoft.com\/insidetrack\/blog\/wp-json\/wp\/v2\/media?parent=22465"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.microsoft.com\/insidetrack\/blog\/wp-json\/wp\/v2\/categories?post=22465"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.microsoft.com\/insidetrack\/blog\/wp-json\/wp\/v2\/tags?post=22465"},{"taxonomy":"author","embeddable":true,"href":"https:\/\/www.microsoft.com\/insidetrack\/blog\/wp-json\/wp\/v2\/coauthors?post=22465"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}