Offboarding Employees In Office 365 (Part 1)
In this blog we will discuss how to leverage many of the features available with Office 365 to mitigate against the inherent concerns (security, compliance, etc.) when dealing with terminated employees. We will touch on all 3 products that comprise Office 365: Exchange Online, SharePoint Online and Lync Online.
When an employee leaves the organization, one of the first IT concerns is restricting the former employee's access to systems. In Office 365, this is done by disabling or blocking the user's account. If you are using cloud based identity, then you simply navigate to the Office 365 administrative portal and check a box in the user's account to block access. If you have synchronized your on premise Active Directory to Office 365 using DirSync, you will accomplish this by disabling the account in AD then running a synchronization to Office 365.
Sometimes the situation requires that another user be given full access to the user's account immediately, this can be accomplished with a password change in O365 or AD. Once you have performed this step, you can then begin the off-boarding process.
Office 365 has many features and capabilites to adhere to varying HR policies. If you do not have a formal off-boarding policy, or you are interested in revising your policy to address how users access, use and share data in Office 365, the following questions are a good place to begin.
Should the user's email to be forwarded to someone else? To whom? For how long (duration)?
Does an auto-reply email need to be setup? For how long?
Is there a standard template for auto-replies, or does it need to be customized?
Does the user's mailbox need to be preserved?
Does a manager and/or their replacement need access to the terminated employee's mailbox?
Should the user's smartphone/tablet be wiped?
What should be done with the data in the user's OneDrive? Should access given to another user?
Do the user's Lync conversations need to be retained?
Are there any sites or libraries in SharePoint that were restricted to the user? Do the permissions need to be delegated to another user?
Office 365 has features that will allow you to address all of these questions and scenarios. Please check out the next blog where we will discuss how to perform the tasks associated with each of these features.