Microsoft has launched Privileged Access Management (PAM) for Office 365. The name’s incorrect because PAM only works for Exchange Online right now. PAM is based on RBAC, which is good, but is the implementation too Exchange-centric?
Exchange administrators are accustomed to looking through mailbox audit logs to find details of events. Those same events are in the Office 365 audit log, so that’s the place to go look for information, like when you want to find out who sent a message from a shared mailbox using the SendAs permission.
Do Office 365 tenants need to take backups of Exchange Online, SharePoint Online, Teams, Planner, Yammer, and the other data that they accumulate. I don’t think they do in most cases, and the problem is exacerbated because most backup solutions sold for Office 365 can’t deal with the full suite.
Do you need to remove some offensive or otherwise doubtful material from Teams? If the original author won’t do the right thing, the team owner or an Office 365 administrator might have to step in to do the right thing.
When you impose a block on certain domains, you’d like to think that applications like Teams will respect that block. As it turns out, if you have some lingering guests in your Azure Active Directory, the B2B collaboration policy might not be as effective as you’d hope.