Miro boards items can contain privacy and regulatory data (such as PII, PHI, PCI) or confidential business critical content (such as financial information, HR information, IP, trade secrets). After data discovery and auto-classification, organizations must implement proactive controls that are crucial for maintaining sustained privacy, security, and compliance with relevant regulations.
With guardrails, you can now automatically enforce proactive controls, such as automatically restricting sharing capabilities at various levels (public, team, organization) based on the board's content and classification level or restricting content replication. This ensures sustained privacy and compliance without hindering business operations.
Figure 1: Content security and sharing guardrails
Admins have two options for rolling out Intelligent Guardrails in their organization:
- Default mode: By default, guardrails do not affect active sharing options on boards to avoid disrupting ongoing collaboration, including when the boards are reclassified during auto-classification.
- Strict mode: When the Apply guardrails in strict mode toggle is turned on, guardrails override all active sharing options. This provides Admins with the strictest levels of control, but can also result in some users losing board access immediately.
Consider a scenario where you configured guardrails to ensure that users of boards classified as CONFIDENTIAL are not allowed to share the board with public, share with teams, share with organization, or replicate content. Someone in your organization created a new board named Financial Plan, added some revenue numbers, and assigned the CONFIDENTIAL classification level for this board. Guardrail settings are automatically applied and all users are not able to share the board and all users except the board owner cannot replicate content (Figure 2).
Figure 2: Public sharing of the board is disabled
Sharing guardrails
The following table lists the sharing guardrails supported in the current release.
Guardrail | Description | Users affected |
Block public sharing |
- Option to share with Anyone with the link is not available in the Miro UI. - Public sharing via API is not available. The API returns an error 403 as a response. - Block public sharing is not applicable to boards embedded using the access-link of Live Embed as these boards are not considered to be shared via public link. For more information, see How to allow or restrict embedding Miro boards in supported apps. |
Everyone is restricted, including the board owner. |
Block sharing with teams |
- Option to share with Anyone at Team is not available in the Miro UI. - Sharing with teams via API is not available. The API returns an error 403 as a response. |
Everyone is restricted, including the board owner. |
Block sharing with organization |
- Option to share with Anyone at Organization is not available in the Miro UI. - Sharing with organization via API is not available. The API returns an error 403 as a response. |
Everyone is restricted, including the board owner. |
Content security guardrails
The following table lists the content security guardrails supported in the current release.
Guardrail | Description | Users affected |
Block content replication |
- Options to manage content replication in both the Miro UI and the Miro APIs are not available. For example, the option to update who can copy board content is not available in the UI and the option to update copy access via the update board API is not available. - Options for content replication are not available in the Miro UI. This includes: - Duplicating a board to other - Downloading files on the board - Downloading images on the board - Downloading PDFs on the board - Copying content or objects from - Exporting boards as an image - Exporting boards as PDF - Saving boards as a custom - Content replication via APIs are |
The board owner and co-owners are not restricted. The board owner and co-owners can perform content replication actions as this is needed for the board owner to update the board and create sanitized versions of the boards for further collaboration. Everyone else is restricted. |