Compliance is an architected system of policies, controls and objectives designed to keep your business units out of trouble, operating securely and cost effectively. Audit reports are mandatory to adhere by various industrial mandates like PCI, HIPAA, GLBA, FISMA and SOX.
M365 Manager Plus provides an exhaustive list of audit reports which help you comply by the aforementioned industrial mandates.
In the "Compliance ready mailbox" series, I'll be showing all the things that must be done to make your mailboxes compliance ready.
The first step to take towards a secure working environment is to make sure that mailbox auditing is enabled for all Exchange Online mailboxes because, to view mailbox audit reports, mailbox auditing must be enabled.
In Microsoft 365 portal
By default, mailbox auditing is disabled for all mailboxes. And there are no means to enable/disable mailbox auditing in the Microsoft 365 portal. You have to rely on PowerShell scripts to know whether mailbox auditing has been enabled or not, and to enable/disable it. In other words, it is a time consuming process to retrieve the list mailboxes for which auditing is disabled.
In M365 Manager Plus
M365 Manager Plus provides a report called, Mailbox Auditing Report, which provides information on whether mailbox auditing is enabled or not. Details of the actions for which audit log is enabled for mailbox owner, admin, and delegate can also be found in this report. From this report, you can filter the list of mailboxes for which mailbox auditing is disabled, and export to CSV, PDF, HTML or XLS format.
Steps to generate mailbox auditing report
- Go to Reports tab.
- Choose Security Reports under Other Services in the left pane.
- In the page that appears, select Mailbox Auditing under Mailbox Security Reports. This will display the Mailbox Auditing Report.
- Use the filter option to get the list of mailboxes for which auditing is disabled. [Refer image below]
- Now, use the Export As option to export the list of mailboxes to the format of your choice.
This is how you retrieve the list of mailboxes for which mailbox auditing disabled. Next week I'll show you how to enable auditing for these mailboxes in a few clicks with M365 Manager Plus.