Office 365 Privileged Access Management: Too Flawed and Too Exchange?

Microsoft has launched Privileged Access Management (PAM) for Office 365. The name’s incorrect because PAM only works for Exchange Online right now. PAM is based on RBAC, which is good, but is the implementation too Exchange-centric?

Using the Office 365 Audit Log to Find SendAs Events

Exchange administrators are accustomed to looking through mailbox audit logs to find details of events. Those same events are in the Office 365 audit log, so that’s the place to go look for information, like when you want to find out who sent a message from a shared mailbox using the SendAs permission.

Protecting Email Holding Sensitive Data

Office 365 offers different ways to apply encryption to important messages. When those messages hold sensitive data known to Office 365, like credit cards or passport numbers, we can define a transport rule or DLP policy to protect outbound email automatically. And while you can define rules and policies through the GUI, PowerShell is available too.

Migrating On-Premises Distribution Lists to Exchange Online

If you run a hybrid Exchange deployment, you probably have some on-premises distribution lists that you’d like to move to the cloud. Office 365 offers no way to do this, so it’s up to PowerShell. Instead of starting from scratch, you can use a script created by Tim McMichael of Microsoft and amend it to meet your needs. PowerShell is just great.