Direct Inward Dialing: +1 408 916 9890
Monitoring non-owner mailbox access events is an important task, as certain events might indicate potential data theft. You need to know who accessed which mailbox, from where, and when. These audit details tell you who sent which emails and are essential if any legal matter arises.
There are two types of Microsoft 365 non-owners: administrators and delegated users. Administrators are responsible for the maintenance of Exchange Online, which includes managing the mailboxes of delegated users. This means that not every non-owner mailbox access in Microsoft 365 indicates a security breach; a non-owner mailbox access may just be the admin accessing the delegated user's mailbox for any given maintenance task. That's why it's essential to validate whether non-owner mailbox access events are in line with the business context to accurately identify anomalies.
This is where M365 Manager Plus' reporting capabilities step in.
M365 Manager Plus offers an audit report to monitor the activities of mailbox non-owners. The report provides details on who accessed which mailbox and when. It also provides details on the operation performed by the non-owner, the device used to access the mailbox, and more.
With the built-in filter option, you can filter the audit records for mailbox accesses by users rather than administrators and delegates. M365 Manager Plus also allows you to create mailbox delegates in bulk and provides an exclusive report to monitor the activities of these delegates.
The native Microsoft 365 portal doesn't offer any way to enable auditing for mailboxes in bulk; you either need to individually enable auditing for every mailbox, or use PowerShell scripting to automate the process. But even if you're well-versed in scripting, this process will still be time-consuming, especially if you have a significant number of mailboxes in your organization.
This is where M365 Manager Plus comes into play. With M365 Manager Plus, you can audit all user and admin activities in Exchange Online for any number of mailboxes—all in just a few clicks and without a single PowerShell script. By default, this feature is disabled for Exchange Online mailboxes. To view audit logs for Exchange Online mailboxes, you simply need to identify which mailboxes have auditing disabled, and enable mailbox auditing manually.