Want to protect your cyber security and still get fast solutions? Ask a secure question today.Go Premium

x
  • Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 27
  • Last Modified:

Office 365 ediscovery security

Our Managed service provider has access to our Office 365 console. With Office 365 there is an ediscovery module. Is there any security around this feature in terms of engineers being able to view company email. Can we restrict this or view logs that allow us to confirm there is no one viewing emails that shouldn't be, thanks.
0
Sid_F
Asked:
Sid_F
2 Solutions
 
Vasil Michev (MVP)Commented:
Depends on the level of access they have. If they are added as global admin, they can do pretty much anything they want. All relevant actions are audited, but that isnt much of prevention.

Also, there are many other ways they can gain access to other people's email, such as transport/Journal rules, forwarding, full access permissions, impersonation, etc.
0
 
btanExec ConsultantCommented:
Specifically for this ediscovery module, you can adopt a supervisor oversight too.
Define a supervisory review policy to indicate who in your organization will have their email communications reviewed and who will perform those reviews.

By defining a supervisory review policy, you can capture employee communications for examination by internal or external reviewers.
https://support.office.com/en-us/article/Search-and-investigation-in-the-Office-365-Security-Compliance-Center-c4915c5f-82a7-4871-ba20-ef47c7588043

Also there are audit capability to oversight the use by admin and other mailbox users

• Administrator audit logging  - Administrator audit logging allows customers to track changes made by their administrators in the Exchange Online Archiving environment, including changes to RBAC roles or Exchange policies and settings.
• Mailbox audit logging  - Mailbox audit logging allows customers to track access to mailboxes by users other than the mailbox owner.
You can have the report generated for regular review and oversight - besides audit report, other type of report covering supervisory and data loss prevention alerts are available. Do catch them and here is an excerpt on the audit report on the logging
For both admin and mailbox audit logging, you can run audit reports to view the audit log entries. You can also export mailbox and admin audit logs, which are sent to you within 24 hours in an XML file that is attached to email message. For more information about exporting audit logs
https://support.office.com/en-us/article/Reports-in-the-Office-365-Security-Compliance-Center-7acd33ce-1ec8-49fb-b625-43bac7b58c5a
0

Featured Post

What does it mean to be "Always On"?

Is your cloud always on? With an Always On cloud you won't have to worry about downtime for maintenance or software application code updates, ensuring that your bottom line isn't affected.

Tackle projects and never again get stuck behind a technical roadblock.
Join Now