Microsoft Office 365 introduced many new services when compared with the services available 5 years back. Office 365 Enterprise E3 Plan was mostly used by enterprise organization for the services like Exchange Online, SharePoint Online, One Drive for Business Online and Microsoft Teams. As on date, ~250 Million mailboxes are there in Office 365 and the mailbox count increasing day by day.
As an Office 365 IT manager, you need to ensure the following are properly monitored as part of your daily activities.
Service Health Dashboard:
Microsoft announces Office 365 related outages on your Office 365 Tenant Service Health Dashboard. Though there is a delay that you can see on the notification, it is your responsibility to monitor the Service Health dashboard and check if any of your users are reporting the issues.
Any planned changes or enhancements to the Office 365 services will be announced in Message Center and you have an option to receive the announcements in email. Details about the announcement, the services that are going to get affected and the steps that you need to follow will be shared here. Ensure you are reviewing the announcements on daily basis
Office 365 Reports:
Microsoft provides a best in class reporting feature about the Office 365 services. Active Users, Application Usage, Storage consumption and License usages can be viewed from the Reports. Review the report to understand the Office 365 services utilization in your environment.
Security and Compliance Dashboard:
Security and Compliance portal provides the information about Security. Reporting section on this portal is enhanced and it provides more insights about your Office 365 Tenant. Review the available reports.
Azure AD Sign-In Logs & Audit Logs:
Users with administrative permissions can make changes in your environment. Review the Audit logs of the changes done by them to see whether the administrators are not changing anything without Change Approval.
Review the Permissions assigned to Administrators:
Users left the Organization may still have permission on the environment or the common account that has an admin permission and the password may be known by the person who left the organization, change the password for common accounts.
Azure AD Connect Sync:
Though the AD objects automatically synchronize to Azure AD by Azure AD Connect, it is better to check the last successful Synchronization. Monitor the AD Connect alerts in Azure AD to find the duplicates etc… In addition, ensure the AD Connect application updated with latest updates.
ADFS Health Check:
Configure ADFS Health agent and monitor the server status from Azure AD. Azure AD Monitoring will alert you in case of any issue with ADFS infrastructure.
License validation is required to ensure you are not over subscribing the office 365 services. If you do not want your users to use the free trails, disable the trial services from Office 365 Admin Portal.
External Sharing Capability:
Validate whether the external Sharing Capability from OneDrive, SharePoint, Office 365 Groups and Teams are properly configured as per your plan.
Ensure you have configured the retention policies on all the Office 365 Services as per your legal and compliance requirements.
Review the guest accounts in your Azure AD. They are already interacting with your users and having access to your company data in one or other way.
Are you allowing users to register the Azure AD application on their own? Review the applications registered and what data they are accessing in Azure AD.
Having queries… reach us @ firstname.lastname@example.org