Although Office 365 supervision policies are intended to monitor a subset of user communications, usually involving specific groups of people, you might want to use a policy to monitor all email. In that case, how do you make sure that your policy has everyone in scope? The problem is that supervision policies don’t support dynamic distribution lists, so you need to do some work to build and maintain a distribution list containing all user mailboxes.
If you work with Office 365 through PowerShell, you probably have your own script to connect to the various services. If you don’t want to write your own script, you can download one from GitHub or the TechNet Gallery. This article covers two that you might like to try, including one with a GUI to choose which Office 365 services it should connect to.
PowerShell is hugely useful when the time comes to automate Office 365 processes. Other tools exist that can help, including Flow. Maybe it’s the right time to consider Flow, especially when it is highly capable of knitting together different Office 365 components to get work done.
The Search-Mailbox cmdlet is a very powerful weapon for Exchange administrators. It has some quirks, but the Invoke-Command cmdlet helps us get around one, which is how to use a different search query for each mailbox processed in a set of mailboxes.
Microsoft has released details of an Exchange Online transport rule to encrypt outbound email containing sensitive data types like credit card numbers. The rule works (after fixing the PowerShell), but needs to be reviewed and possibly adjusted to meet the needs of Office 365 tenants.