What To Do In Office 365 When An Employee Leaves

For the organizations using Office 365 application, if an employee leaves then it becomes a critical situation for an HR Manager. The systematic step-by-step procedure needs to be followed to complete the off-boarding process. If the offboarding is performed incorrectly then it may lead to loss of data.

Therefore, it's the responsibility of an administrator to know what to do in Office 365 when an employee leaves the organization.

In order to facilitate smooth offboarding, a number of best practices can be adopted which are as follows:

1. Reset Password

The foremost step is to change or reset the password. This immediately secures the account from being accessed by the ex-employee. The reset password option is better than blocking the sign in as it takes up to 24 hours. The ex-employee may use or extract the data within the time period of 24 hours.

The following are the steps to reset the password of the account:

• Sign in to Office 365 Admin’s account and then go to Admin center.
• Select the option ‘Users’ and then choose ‘Active Users’.
• Select the user and then click on ‘Reset password’.
• You can auto-generate the password or reset to new password manually. Now, the ex-employee won’t be able to access the mails at all.

2. Block the user from signing into MS Office 365 account

Once the password is reset, now you can block the user or ex-employee from signing into MS Office 365 account.

The following are the steps to block the former employee from accessing MS Office 365 account:

• Go to the admin centre, click on ‘Users’ and then go to the ‘Active users’ page
• You can choose the employee’s name and on the right, a window with the option ‘Block sign- in’ will get opened
• Click on ‘Block Sign-in’ and then select ‘Save’

3. Use email forwarding or create a shared mailbox

Email forwarding is an option that lets you forward your emails to another email id. This can happen when the employee resigns then his incoming mails can be redirected to another email id. In this manner the connection can be sustained for the future without hindering the communication process.

The following are the steps for email forwarding:

• Sign in to Office 365 Admin’s account and then go to ‘Admin center’
• You can select ‘Users’ and then move to ‘Active Users’
• Select the user. Under the category ‘Mail’, you can find ‘Manage email forwarding’
• You can choose a forwarding email address

From now onwards, all the mails of ex-employee would be directed to new email id chosen as ‘Forwarding email address’.

In order to create a shared mailbox, the following are the steps to be followed:

• Go to ‘Exchange admin center'
• Click on ‘Recipients’ and then ‘Mailboxes’
• Select the user mailbox. Under the category ‘Convert to Shared Mailbox’, click on ‘Convert’

In this method, you would be able to access both the old and new mails for free. To make this happen it should be ensured that the mailbox is under 50 GB.

4. Secure ex-employees data

The data in the email mailboxes, contacts, calendars, drive are important. It is, therefore, necessary to export Office 365 mailbox to PST using the eDiscovery mechanism or by using an automated tool. Once all the user mailboxes are exported you can proceed with other security tips.

5. Discontinue mobile devices from the corporate data

It is essential to disconnect or discontinue the mobile device of the former employee from the corporate data.

The following are the steps to discontinue the mobile device from the corporate data:

• Sign in to Office 365 Admin’s account and then go to ‘Outlook’.
• Go to the ‘Settings and view all Outlook settings.
• Click on ‘General’ and select ‘Mobile Devices’.
• You can see the list of mobile phones. You can select the one you want to remove.
• Click on ‘Wipe Device’.

So, discontinuing access from the mobile device is the best way to prevent data misuse.

6. Identify and manage apps accessibility

There are two apps related task that should be done while offboarding:

• Disconnect the access from apps: When an employee leaves then it should be ensured that he is no longer able to access the organization’s apps using his account. This is to ensure that the data remains secure from unauthorized access
• Disconnect the apps linked with Office 365: There are some apps that the former employee might have installed without any prior permission. So, here comes the need to open Office 365 and find the apps associated with it. Such apps can be deleted to ensure the security and compliance

7. Remove Microsoft Office 365 license and then delete the account

Once you are done with all the above steps, then you can go ahead with removing the Microsoft license from the former employee’s account. Once the Microsoft license has been removed, you can still access the account for 30 days. Likewise, even if the account is deleted then also you can also access the information for 30 days. After 30 days, Microsoft will permanently delete the account from the server. Hence, the former employee would no longer be able to access the information.

In the above blog, you have learned about what you need to do in Office 365 when an employee leaves to restrict them from accessing the account. Several steps have been discussed in the above-aforementioned paragraphs by which the data can be secured and prevented from misuse by ex-employee of your organization.