Unfortunately, we've had situations where something happened on our website that exposed some PII info. When that happens, we take immediate action to remedy the issue by working with the appropriate teams and updating any masking. Depending on the issue, we may temporarily remove users from that application while we purge any sessions and resolve the issue.

Currently, we must click into every user and remove them from that app and then again add them back in. It would be great if we could globally add/remove access to an application by Role and by Group.