Go Premium for a chance to win a PS4. Enter to Win

x
?
Solved

Office 365 ediscovery security

Posted on 2016-08-24
2
Medium Priority
?
24 Views
Last Modified: 2016-09-13
Our Managed service provider has access to our Office 365 console. With Office 365 there is an ediscovery module. Is there any security around this feature in terms of engineers being able to view company email. Can we restrict this or view logs that allow us to confirm there is no one viewing emails that shouldn't be, thanks.
0
Comment
Question by:Sid_F
2 Comments
 
LVL 44

Assisted Solution

by:Vasil Michev (MVP)
Vasil Michev (MVP) earned 1000 total points
ID: 41768497
Depends on the level of access they have. If they are added as global admin, they can do pretty much anything they want. All relevant actions are audited, but that isnt much of prevention.

Also, there are many other ways they can gain access to other people's email, such as transport/Journal rules, forwarding, full access permissions, impersonation, etc.
0
 
LVL 65

Accepted Solution

by:
btan earned 1000 total points
ID: 41768717
Specifically for this ediscovery module, you can adopt a supervisor oversight too.
Define a supervisory review policy to indicate who in your organization will have their email communications reviewed and who will perform those reviews.

By defining a supervisory review policy, you can capture employee communications for examination by internal or external reviewers.
https://support.office.com/en-us/article/Search-and-investigation-in-the-Office-365-Security-Compliance-Center-c4915c5f-82a7-4871-ba20-ef47c7588043

Also there are audit capability to oversight the use by admin and other mailbox users

• Administrator audit logging  - Administrator audit logging allows customers to track changes made by their administrators in the Exchange Online Archiving environment, including changes to RBAC roles or Exchange policies and settings.
• Mailbox audit logging  - Mailbox audit logging allows customers to track access to mailboxes by users other than the mailbox owner.
You can have the report generated for regular review and oversight - besides audit report, other type of report covering supervisory and data loss prevention alerts are available. Do catch them and here is an excerpt on the audit report on the logging
For both admin and mailbox audit logging, you can run audit reports to view the audit log entries. You can also export mailbox and admin audit logs, which are sent to you within 24 hours in an XML file that is attached to email message. For more information about exporting audit logs
https://support.office.com/en-us/article/Reports-in-the-Office-365-Security-Compliance-Center-7acd33ce-1ec8-49fb-b625-43bac7b58c5a
0

Featured Post

Concerto's Cloud Advisory Services

Want to avoid the missteps to gaining all the benefits of the cloud? Learn more about the different assessment options from our Cloud Advisory team.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

How to resolve IMCEAEX NDRs in Exchange or Exchange Online related to invalid X500 addresses.
Mailbox Overload?
Migrating to Microsoft Office 365 is becoming increasingly popular for organizations both large and small. If you have made the leap to Microsoft’s cloud platform, you know that you will need to create a corporate email signature for your Office 365…
In this video you will find out how to export Office 365 mailboxes using the built in eDiscovery tool. Bear in mind that although this method might be useful in some cases, using PST files as Office 365 backup is troublesome in a long run (more on t…

886 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question