Role-Based Access Control and Conditional Access Policies in Microsoft 365 for Secure Academic Collaboration

Academic institutions are depending more and more on cloud-based collaboration tools like Microsoft 365 in the age of digital transformation to support administrative, teaching, and research tasks. In order to ensure safe academic collaboration among 10 Indian higher education institutions, this study examined the application and effects of Conditional Access Policies (CAP) and Role-Based Access Control (RBAC) within Microsoft 365. The study evaluated the degree of awareness, policy deployment procedures, and perceived results among IT administrators, academics, and administrative staff using a mixed-methods approach that included questionnaires, interviews, and system configuration checks. IT staff demonstrated a high degree of awareness and policy enforcement, according to the results, however faculty members had little knowledge of security controls, which frequently caused usability issues. Advanced restrictions like device compliance standards were less often adopted, although the majority of institutions had already put in place basic RBAC and CAP features like role groups and Multi-Factor Authentication. Users recognized notable gains in data security and system credibility, notwithstanding certain perceived barriers to collaboration effectiveness. The study came to the conclusion that attaining security and collaboration in academic settings requires a well-rounded approach that includes user training, inclusive policy formulation, and adaptive access controls.