Verifying Office 365 Administrator Access to User Data


The Golden Keys to User Data

Administrators have always had the ability to access user data and Office 365 is no different. This article explains the situation and look at two methods administrators can use to retrieve content. One is the famous (or infamous) Search-Mailbox cmdlet and the other is Office 365 content searches.

Both actions are captured in the Office 365 Audit log, but how many people actually check that log regularly to pick up odd administrator activity? Of course, because it’s usually the administrators who look at the audit log, they already know what they’ve done.

But the advent of regulations like GDPR means that Office 365 tenants need to pay a lot more attention to the protection of personal data, so isn’t it time that your company had a policy to cover how and when administrators are allowed to retrieve user data?

See Chapter 6 of Office 365 for IT Pros for more information about the Search-Mailbox cmdlet and Chapter 20 for information about using content searches. And then follow up by reviewing Chapter 21 to learn about the Office 365 audit log and how to analyze its contents.

Leave a Reply

This site uses Akismet to reduce spam. Learn how your comment data is processed.