Office 365 Mailbox Management

This article, published June 20, 2013 on the Spiceworks Community portal shows what needs to be done to maintain your Office 365 email environment according to 1300 admins. We can all learn a lot from consistent application of these types of procedures.

Original article:
https://community.spiceworks.com/cloud/articles/2744-takin-care-of-business-best-practices-of-top-office-365-admins

We recently surveyed some of our Office 365 and 365 Command clients — 1,300 admins total — and inquired about their activities regarding mailbox management. Based on the feedback from those administrators I’ve pulled together a bit of a best practices for Office 365 mailbox management list highlighting what should be done on a daily, weekly, monthly and quarterly basis.

Daily: On a daily basis, mailbox admins are constantly responding to any addition, change, and removal requests for their Office365 accounts. The most common daily tasks are:

1. Modifying passwords
2. Modifying folder permissions
3. Mailbox forwarding
4. Creating single and shared mailboxes

Weekly: These are a few of the activities admins proactively perform on a weekly basis.

1. Review top mailbox growth by size
2. Review Office 365 audit logs
3. Review mobile security — Look for new devices that are being added to mailboxes, compare them from previous weeks, and verify that the user did indeed add a new device — limiting the potential risk of theft or fraud.
4. Review shared mailbox growth — Considering that shared mailboxes only have 5GB limit, top Office 365 admins keep a watchful eye on their mailbox growth and clean up what they need to ensure that all emails are properly sent and received within that mailbox or implement the appropriate archiving solution, such as Command Archive.
5. Review the exact location of servers and mailboxes within the Microsoft data centers

Monthly: To ensure best practices, top-level admins manage the following on a monthly basis:

1. They run reports and lists of all users last login date — checking for people who may no longer be employed with the company, thus eliminating the need for that mailbox (and its associated cost from Microsoft). Or, if there’s limited use, they could move the end user to a less expensive Office 365 SKU, again reducing their overall O365 costs.
2. From a security standpoint, they’re running reports to see who’s forwarding their mailboxes to external mailboxes. For example, sending their email to their home email account (Gmail/Yahoo/ Hotmail).
3. Review password strength and the passwords that are set to expire on a monthly basis, ensuring mailboxes are safe and secure.
4. Review mailbox permissions, and review who has Send As privileges in the organization. They’re confirming with the end user that they allowed these people to have the ability to send email as them.
5. Review who has Full Mailbox access privileges. They confirm with the end user that they do want those additional users to have full access to their mail and calendar.

Quarterly: Once a quarter, don’t overlook the following:

1. Group clean up — Review all email groups to ensure they have active members and see which groups have people in them that are no longer employed, or contractors that are no longer involved, which groups aren’t being utilized, etc.
2. Review the Edit Permissions list.
3. Review non password changes in 90 days.

Administrators that keep on top of these daily, weekly, monthly and quarterly activities can simplify their workflow and get the most out of their Office 365 experience.