Direct Inward Dialing: +1 408 916 9890
If your organization is serious about auditing all user and admin activity in Microsoft 365, then you'll have to deal with the volumes of audit logs that are added to your database every minute. These audit logs contain traces of all types of activity, ranging from simple file renames to password resets and unwanted login attempts.
Auditing every activity happening in your Microsoft 365 environment requires you to analyze all the logs generated by various services and user activities. And to comply with regulatory mandates, this audit log data must be archived—but Microsoft 365 doesn't make archiving easy.
Limitation: Microsoft 365 offers a unified audit logging service across key workloads, which is accessed through the Security and Compliance Center. However, audit entries in the Security and Compliance Center are retained for only 90 days, after which they're purged. Organizations that need long-term access to audit report items—such as the seven years worth of data required by some compliance regulations—should be aware of this limitation.
Solution: You can manually download and save audit logs every 90 days, but failing to do so would result in the permanent loss of logs. On the other hand, M365 Security Plus holds audit logs indefinitely. Therefore, you can choose to archive audit logs at your convenience, like when your database is running out of space. You can also restore deleted audit logs in M365 Security Plus in a single click.
Limitation: When exporting specific audit logs from Microsoft 365, the export is limited to 1,000 entries—unless all logs are exported, in which case the limit is 50,000 items. This is severely limiting since some mid-sized and large organizations hit the 50,000 item limit every day. Manually exporting logs for organizations of this size requires an administrator to specify and generate at least one export every day, hoping that the time delay in capturing audit report entries doesn't result in an incomplete report.
Since these exports are delivered as simple CSV files, there's also no accountability involved in the accuracy of the data, meaning there's nothing stopping an administrator from making up data or removing evidence of their own wrongdoing.
Solution: M365 Security Plus imposes no restriction on the number of entries that can be exported. You can export the audit data as password-protected reports or archive them as password-protected files so they're tamper-proof.
M365 Security Plus allows you to archive Microsoft 365 audit logs in a separate storage platform, and restore them when required in a single click. You can also: