Microsoft 365 keeps moving, and keeping governance in step is its own job. This quarter's Orchestry releases hand more of that work back to you: reporting you control, governance set the moment a workspace is born, and access that adapts to how your org is structured.
Here's everything that shipped in Q2 2026. Watch the full walkthrough with David Francoeur, our Director of Product, then dig into the details below.
Workspace Reports is the surface most admins live in, so we rebuilt it around one idea: filter by the problem, not the field. The 60+ standard reports you already rely on are still there, but now you can build your own.
Open the new column picker and switch on any of 150 collected fields, including your own custom metadata, then drag, reorder, and resize columns until the view matches the question you're actually asking.
Filtering and sorting got a real upgrade. Sort across multiple columns at once, and filter by things like owner-level versus anywhere access, workspaces missing a review policy, or guest presence.
Filter by Insights to pull everything flagged critical, important, or informational without writing a query, and use null-value filters to surface what's missing: no archival policy, no sensitivity label, no retention.
Save any view to the new Custom Reports area. It's personal to you, reusable by anyone on the tenant, and shareable by a single URL that carries your filters, columns, order, and search with it.
Running reviews at scale? There's now a ready-made Workspace Review Status Report that tracks every workspace under review, its policy, escalations, and who completed it and when.
Governance shouldn't start thirty days after a site does. The provisioning wizard has been rebuilt from the ground up, with a clean Display tab that controls what your end users see and deeper tabs (Type, Governance, Content and Storage, Security, Automations, Integrations) that control how each new workspace is governed.
Eight new site-level settings now apply automatically the moment a workspace is created, from maximum owners and default sensitivity labels to site quota and version limits. You set the posture once and every new workspace inherits it, which closes the exposure window before AI and agents ever read a thing.
Access should adapt to how your org is structured, not to a static list someone maintains by hand. Attribute-based access control brings attribute-driven boundaries into the Orchestry governance layer: a no-code rule builder maps your existing Entra ID groups to workspace attributes like region, business unit, and sensitivity.
It layers on top of your existing role-based rules, so even a workspace admin only sees the pockets of data they're authorized to, whether you segment by location, function, or another attribute.
Every rule change is logged and time-stamped, and none of it touches your underlying SharePoint or Teams permissions.
If your tenant spans regions, your reporting should too. Orchestry now auto-discovers and crawls every satellite geo admin center alongside your primary, so multinational tenants land in one unified view.
A new Geo Location column shows which data location each workspace lives in, and you can sort, filter, and drill into a specific region, or switch the column off if you don't need it. One view, every region, no blind spots.
Q3 is already underway, with more shipping in the first few weeks. Want to put any of this to work in your tenant? Watch the walkthrough above, or book a demo.