Shared Responsibility
Three Zones of Responsibility
Security in Sensei IQ is a shared responsibility across three parties: Microsoft, Sensei Project Solutions, and your organization. Understanding where each party's responsibilities begin and end is essential for evaluating the overall security posture of the solution — and for structuring your own controls appropriately.
The boundaries are clearer than in traditional SaaS, because Sensei IQ does not operate in a Sensei-owned cloud environment. The architecture makes the responsibility lines explicit.
Identity Is the Primary Perimeter
Before looking at each zone, it's worth restating the foundational principle: Microsoft Entra ID is the security perimeter for Sensei IQ. There is no network perimeter, no DMZ, no VPN that gates access to Sensei IQ.
A user or service can only interact with Sensei IQ if they hold a valid identity token issued by your tenant's Entra ID. This means your organization's identity policies — MFA requirements, Conditional Access rules, sign-in risk policies — are the front line of defense for the application, and they are entirely under your control.
Microsoft's Responsibilities
Microsoft is responsible for the security of the cloud infrastructure and platform services that Sensei IQ runs on top of:
| Area | Microsoft's Responsibility |
|---|---|
| Physical security | Data center physical access controls, hardware security |
| Network infrastructure | Backbone network security, DDoS protection, service isolation |
| Platform encryption | Encryption at rest (Dataverse/AES-256), TLS enforcement in transit |
| Identity platform | Entra ID infrastructure, token issuance, authentication service availability |
| Compliance certifications | SOC 1/2, ISO 27001/27018, GDPR, and other certifications for Power Platform and Dataverse |
| Platform patching | Security patches for Dataverse, Power Apps, Power Automate, and underlying Azure infrastructure |
| Service availability | Uptime SLAs for Power Platform, Dataverse, and M365 |
| Audit infrastructure | Microsoft Purview audit log infrastructure and retention |
Microsoft publishes its security commitments through the Service Trust Portal and Power Platform Trust Center.
Sensei's Responsibilities
Sensei is responsible for the code, configuration, and design of the Sensei IQ solution itself:
| Area | Sensei's Responsibility |
|---|---|
| Application security | Security of the Power Apps, plugins, Power Automate flows, PCF controls, and Dataflows we author |
| Secure SDLC | Code review, static analysis, credential scanning, dependency management in our development pipeline |
| Security role design | Designing Dataverse security roles that enforce least-privilege access within the application |
| Service principal design | Requesting only the minimum permissions required for each service principal Sensei creates |
| Secrets management | Protecting service principal secrets and deployment credentials in Azure Key Vault |
| Vulnerability management | Identifying and remediating security vulnerabilities in Sensei IQ code |
| Sensei internal systems | Security of our own development infrastructure, source control, and corporate systems |
| Incident response (Sensei-side) | Responding to incidents affecting our internal systems and supporting clients when asked |
What Sensei is not responsible for:
- The security configuration of your Microsoft 365 tenant
- Your organization's Conditional Access, MFA, or identity policies
- Dataverse environment-level settings (backup configuration, retention policies, audit log settings)
- The security posture of any other applications or services in your tenant
Your Organization's Responsibilities
Your organization is responsible for the tenant configuration and access governance that surrounds Sensei IQ:
| Area | Your Organization's Responsibility |
|---|---|
| Identity governance | User account lifecycle (provisioning, de-provisioning), MFA enforcement, Conditional Access policies |
| Access management | Assigning and revoking Dataverse security roles for Sensei IQ users |
| Tenant security configuration | Entra ID settings, Dataverse environment security settings, Power Platform admin policies |
| Service principal review | Reviewing and approving service principals registered by Sensei in your tenant |
| Audit log monitoring | Configuring and reviewing Power Platform audit logs and Entra ID sign-in logs |
| Backup & restore | Power Platform environment backup settings and restore procedures |
| Data retention policies | Configuring retention labels and policies for Dataverse data |
| User training | Ensuring your users understand appropriate use of Sensei IQ and your organization's data policies |
| Broader M365 security | The security of your overall Microsoft 365 environment, which provides the trust boundary for Sensei IQ |
How This Compares to Traditional SaaS
In a traditional multi-tenant SaaS model, the vendor operates the infrastructure, stores your data, and is responsible for the bulk of the security controls you'd evaluate in a vendor review.
With Sensei IQ, that division shifts significantly:
| Aspect | Traditional SaaS | Sensei IQ |
|---|---|---|
| Data location | Vendor's infrastructure | Your Microsoft tenant |
| Encryption key management | Vendor-managed | Microsoft-managed (or customer-managed) |
| Identity & access | Vendor's identity system + your SSO integration | Entirely your Entra ID |
| Audit logs | Vendor provides access to their logs | Your Microsoft Purview logs |
| Compliance certifications | Vendor's own certifications | Microsoft's certifications (already in your tenant) |
| Vendor access to your data | Vendor has standing access | Sensei has no access unless you grant it |
This model means your organization already has most of the security controls in place. The evaluation question shifts from "can we trust this vendor with our data?" to "does Microsoft's platform meet our requirements?" — a question many organizations have already answered yes to.