Direct Inward Dialing: +1 408 916 9890
Free EditionMailboxes are a treasure trove of personal data and confidential business information, especially if the mailbox belongs to the top brass of your organization. Some of the first things an intruder does after infiltrating a network is an attempt to identify accounts that have elevated permissions and grant themselves access to the mailboxes of those accounts. They may even block everyone else's access to these mailboxes, causing mayhem.
M365 Security Plus is a Microsoft 365 security tool that helps detect security attacks and analyze risks in your Microsoft 365 environment, and get the insights you need to identify these permission changes to your mailboxes with its customizable audit profiles.
Mailbox permissions are used to grant access to the contents of a mailbox; this includes not only the inbox but also the mailbox folders, calendar, and contacts. This is why caution should be maintained when granting mailbox permissions to delegates, so a user does not receive elevated privileges unless they need them.
The following permissions can be assigned to delegates:
| Permission | Description |
| Full Access | Authorizes the delegates to open the mailbox, as well as view, add, and remove content. They won't, however, be able to send emails from the mailbox. |
| Send As | Authorizes delegates to send emails from the delegated mailbox or group without revealing their identity. The emails sent appear as if they were sent from the delegated mailbox or group. |
| Send on Behalf | Authorizes delegates to send emails from the delegated mailbox or group; these emails clearly show the identity of the sender. However, replies will be sent to the delegated mailbox or group. |
You can track all permission changes to your mailboxes in Exchange Online with M365 Security Plus by navigating to Audits > Exchange Online > Mailbox Permission > Mailbox Permission Changes.
You can now view all instances of mailbox permission changes with the necessary details, such as the time, country, and date of the permission change, and also who changed it and what permission was added or removed to which mailbox.
Apart from tracking mailbox permission changes, you can also audit Exchange Online for property changes, DLP policy matches, message trace details and more. Other services that can be audited using M365 Security Plus include:
