It’s very common for employees to leave one organization and move to another for various reasons. But, for businesses, the main concern becomes protecting their data when an employee leaves the company. As most companies heavily rely on Office 365 for storing and managing their data, they need to create an Office 365 account for every employee. And when an employee leaves the company, it becomes highly crucial for companies to restrict access to Office 365 data for their ex-employers.

This article discusses the methods that can be used to secure your Office 365 data from an ex-employee. The Office 365 admins have complete access to every employee Office 365 account, so they can easily handle the user’s data and access to their account.

Note: The steps involved in this article are only applicable to Office 365 Business Essentials, Office 365 Business Premium, and Office 365 Enterprise subscription.

This Article Involves:

  • Restrict Employee Access to Office 365 Data
  • Restrict Access to Exchange Online
  • Wipe and Block Employee’s Mobile Device

Note: You need global admin credentials to perform any of these steps in your organization’s Office 365 account.

  1. Restricting Employees Access to Office 365 Data
    The very first thing to do after an employee leaves your organization is blocking the user from accessing their Office 365 account. Follow the below steps to achieve this:

    • Sign in to Office 365 account and go to the Admin center
    • From the admin center, click Users and go to Active users
    • Against the users that you want to block, click Edit
    • Now, click Settings and select Blocked under the Set sign-in status, and then click Save

    It will take about 24 hours to permanently prevent users from accessing your organization’s office 365 account. Also, make sure you remove or disable the user from any other type of on-premises service.

  2. Restrict Access to Exchange Online
    If your organization is also using Exchange Online as a part of Office 365 subscription, then you’ll also have to restrict ex-employees from accessing their mailboxes. To do this, you need to log-in to Exchange Admin Center and follow the below steps:

    • Sign-in to your Office 365 account and go to the admin center
    • Open the lower-left navigation pane and expand the Admin section
    • From the drop-down, click Exchange
    • Now, in the Exchange Admin Center, go to Recipients, and then select Mailboxes
    • Select the User and go to the User Properties
    • Click Disable Exchange ActiveSync, Disable OWA for Devices, and Disable email connectivity
    • Now, under Email Connectivity, click Disable

    This is the simplest method to block users from accessing your organization’s Exchange accounts and secure your data.

  3. Wipe Data and Block the Employee Device
    If your organization has given company devices to the employees, then you’ll have to wipe data and block that device so that user cannot access Office 365 data from that device. You can perform this action using the Exchange Admin Center, here’s how:

    • Log in to Office 365 account and go to the Admin Center
    • Open the lower-left navigation pane and expand the Admin section
    • From the drop-down, click Exchange
    • Now, in the Exchange Admin Center, go to Recipients, and then select Mailboxes
    • Select the specific user and click View Details under Mobile Devices
    • Select the Mobile Device on the details page and choose Wipe Data, and then click Block
    • Click Save to end the process

Conclusion

It’s natural for employees to leave one organization and move to another. But, companies have to take immediate actions to restrict those employees from accessing their Office 365 data. So, here, we have elaborated some simple techniques that can be used to limit users from accessing Office 365 data.