[ #Office365 ] What’s new for IT Pros in 2015 and beyond, part 2: Administration control

Second article from a series on news on [ #Office365 ] Administration:

To better control who has access to the admin side of Office 365 and how and when  is really key for a better security of the service. Among the newest deployed or announced features, here are the key ones in this area

  1. First release to selected people
  2. Limited admin role
  3. Customer Lockbox

1. First Release to selected people

First Release has been updated in May 2015 in order to enable organization to embark only a subset of people in evaluating and testing latest updates to the Office 365 services.


Until now, SharePoint Online, and Exchange Online are the only services concerned by First Release. They do not apply to Skype for Business, and the latest version of Office clients. So with the new UI, you can decide to select only a subset of people that will receive the new functionalities. The other will have to wait 14 days more, at least. This will typically let admins and

image6_thumbimage_thumb[12] image3_thumb

As soon as you choose “Select People” you can choose the people that will receive the newest updates:

Office 365 release programs add users

2. Limited admin role

In June 2015 was introduced the notion of limited admin role that will allow to grant limited admin rights to people administering tenant.

2015-07-15_05h48_53_thumb[1]   image12_thumb

For example, the SharePoint Online administrator role provides that admin access to only SharePoint related controls and settings in the Office 365 Admin Center. The SharePoint Online admin can manage SharePoint site collections, configure SharePoint settings such as the organizations external sharing policy and access SharePoint Admin Center for additional SharePoint capabilities. However, the SharePoint Online admin will not have access to other Office 365 service controls and settings such as mailbox configuration, transport rules and other non-SharePoint related settings.

This table shows the Office 365 admin roles and their associated permissions.


3. Customer Lockbox

Lockbox process is an already in place process that enforces access control through multiple levels of approval within Microsoft, providing just-in-time access with limited and time-bound authorization. In addition, all access control activities in the service are logged and audited.

With Customer Lockbox announced on April 21, 2015, Microsoft wants to maximize data security and privacy for Office 365 customers, so Customer Lockbox is an extension to the process that gives customer control to every Lockbox access and gives opportunity to accept or reject it.





Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out /  Change )

Google+ photo

You are commenting using your Google+ account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )


Connecting to %s