what to review exchange365

  • Question

  • Our risk team want to audit our email systems. At present around 25% of our mailboxes are in the cloud via exchange365, and 75% are stored on on-premise 2013 servers.

    When looking at internally hosted mail servers the risk team can look into areas such as security and configuration of exchange, backup procedures, AV policies, backup procedures, mailbox ACLs, run EXBPA to check for bad design configs etc etc.

    But for the cloud based email infrastructure (exchange365), what can/should they look for in an audit/risk assessment?

    Thursday, January 29, 2015 9:36 AM

Answers

  • Hi, 

    As far as I know, ExBPA is not available in Office 365. 
    For Exchange 2013, we can install Office 365 Best Practices Analyzer for Exchange Server 2013.
    For Office 365, we can log on to EAC (outlook.office365.com/ecp) with your administrator account, then switch to Compliance management > Auditing.

    We can use the auditing functionality in Office 365 to track changes made to your Exchange Online configuration by Microsoft and by your organization’s administrators and changes made by users to documents and other items in the site collections of your SharePoint Online organization. Use mailbox audit logging to track actions performed by users other than the owner of a mailbox. In addition to tracking changes in your Office 365 organization, you can also view audit reports and export the audit logs. More details about Auditing in Office 365, for your reference:
    https://technet.microsoft.com/en-us/library/dn790283.aspx

    By the way, this question may be related to Office 365. Please contact the Office 365 Team so that you can get more professional suggestions, for your reference:
    http://community.office365.com/en-us/default.aspx

    Best Regards,
    Allen Wang
    • Marked as answer by cf090 Thursday, February 5, 2015 8:42 AM
    Saturday, January 31, 2015 1:34 PM

All replies

  • Hi There,

    I would focus on checking Active Sync policies, retention policies if you are using one, mailboxes that are not active and who has access to the O365 admin portal.

    Cheers,


    Exchange Blog:

    www.ntweekly.com

    MCSA, MCSE, MCITP:SA, MCITP:EA, MCITP:Enterprise Messaging Administrator 2010,MCTS:Virtualization

    Thursday, January 29, 2015 9:51 PM
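
A read-only configuration check covering three of the areas raised in the posts above (mailbox audit logging, inactive mailboxes, ActiveSync policy settings), as an added example that is not part of any post in this thread. The sample objects are constructed, and the 90-day threshold, the function name `Get-AuditFinding` and the finding texts are assumptions made for illustration.

```powershell
# Added example. The data below is constructed so the script runs offline.
# Against a live tenant, build the same objects from real cmdlet output:
#   $mailboxes = Get-Mailbox -ResultSize Unlimited | ForEach-Object {
#       $s = Get-MailboxStatistics -Identity $_.UserPrincipalName
#       [pscustomobject]@{ UserPrincipalName = $_.UserPrincipalName
#                          AuditEnabled      = $_.AuditEnabled
#                          LastLogonTime     = $s.LastLogonTime } }
#   $policies = Get-MobileDeviceMailboxPolicy
$StaleAfterDays = 90          # assumption: threshold chosen for illustration
$now = Get-Date
$mailboxes = @(
    [pscustomobject]@{ UserPrincipalName='alice@example.com';  AuditEnabled=$true;  LastLogonTime=$now.AddDays(-2) }
    [pscustomobject]@{ UserPrincipalName='bob@example.com';    AuditEnabled=$false; LastLogonTime=$now.AddDays(-200) }
    [pscustomobject]@{ UserPrincipalName='shared@example.com'; AuditEnabled=$false; LastLogonTime=$null }
)
$policies = @(
    [pscustomobject]@{ Name='Default'; PasswordEnabled=$false; RequireDeviceEncryption=$false; AllowNonProvisionableDevices=$true }
)

function New-Finding($Area, $Object, $Finding) {
    [pscustomobject]@{ Area=$Area; Object=$Object; Finding=$Finding }
}

function Get-AuditFinding {
    param($Mailboxes, $Policies, [int]$StaleAfterDays, [datetime]$Now)
    foreach ($m in $Mailboxes) {
        # Mailbox audit logging is what records non-owner access to a mailbox.
        if (-not $m.AuditEnabled) {
            New-Finding 'Mailbox audit logging' $m.UserPrincipalName 'Audit logging disabled'
        }
        # Inactive mailboxes: never logged on, or idle longer than the threshold.
        if ($null -eq $m.LastLogonTime) {
            New-Finding 'Inactive mailbox' $m.UserPrincipalName 'No logon recorded'
        } elseif (($Now - $m.LastLogonTime).TotalDays -gt $StaleAfterDays) {
            New-Finding 'Inactive mailbox' $m.UserPrincipalName "No logon for more than $StaleAfterDays days"
        }
    }
    foreach ($p in $Policies) {
        # ActiveSync (mobile device mailbox) policy: settings that protect mail on a lost device.
        if (-not $p.PasswordEnabled)         { New-Finding 'ActiveSync policy' $p.Name 'Device password not required' }
        if (-not $p.RequireDeviceEncryption) { New-Finding 'ActiveSync policy' $p.Name 'Device encryption not required' }
        if ($p.AllowNonProvisionableDevices) { New-Finding 'ActiveSync policy' $p.Name 'Devices that cannot enforce the policy may still sync' }
    }
}

Get-AuditFinding -Mailboxes $mailboxes -Policies $policies -StaleAfterDays $StaleAfterDays -Now $now |
    Format-Table -AutoSize
```
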
  • Thanks for the reply....

    What are the risks around active sync, retention and stale mailboxes? Can you give some insight into the potential concerns?

    Friday, January 30, 2015 10:51 AM
  • By auditing I wasn't referring to audit logs, more a check of the configuration of the system against best practices (referred to as an IT Audit)...

    Monday, February 2, 2015 9:01 AM
  • Hi,

    According to my research, there is no similar tool for Office 365, for now.
    For more details, please contact the Office 365 Team to get more professional suggestions.

    Best Regards,
    Allen Wang

    Tuesday, February 3, 2015 1:18 AM