November 14, 2022
min read
Kas Nowicka
Kas has spent the last decade working with Microsoft’s cloud solutions and sharing governance, adoption, and productivity best practices with the MVP community.
Female software engineer works at desk with computer

You might be surprised at how much trouble people can cause by not doing anything.

This isn’t about people who are supposed to do something but choose to do nothing instead. This is about Microsoft Office 365 account holders who, for whatever reason, aren’t using their accounts.

There are many reasons why an account holder wouldn’t use the account.

  • Some people have no business need for Office 365. 
  • Some users might be on a temporary assignment that doesn’t require Office 365, but they will return at some point. 
  • Others might be on an extended leave of absence. Some might be external users, such as contractors, who needed it only for the duration of a specific project.

But in most cases, inactive user accounts get that way because the account holders have moved on from the organization and their accounts were never disabled.

The Problem with Inactive Accounts

Why are inactive Office 365 accounts a problem? There are two main reasons:

  1. Security: Inactive accounts that are not disabled represent a security risk. An adversary who compromises an unused Office 365 account can cause trouble that might go unnoticed because there is no legitimate user to observe or report unusual activity.
  2. Cost: Each inactive user account uses up an Office 365 license, costing the organization money. 

Most mature organizations have standard procedures to disable the accounts of terminated users and release their licenses, but even for those organizations, inactive accounts can slip through the cracks. Office 365 doesn’t know a user has moved on unless you tell it, and sometimes this step is overlooked.

Therefore, it’s good practice to audit your Office 365 accounts on a regular basis to determine if there are any inactive accounts. What to do with those accounts depends on each inactive user’s situation and your company’s policies. In many, but not all cases, the accounts should be disabled, and the licenses released for other users.

A common practice, required by certain regulations such as Sarbanes-Oxley in the U.S., is to compare Office 365 accounts every month against a list of users that have been terminated and make sure those accounts are disabled.

Absent a regulatory requirement, it’s still a good idea to check for account inactivity. Inactivity is determined by the length of time since the user’s last system login. 

What length of time qualifies a user account as “inactive”? That’s up to you; each organization has a different definition. Many organizations choose a length of time between 90 and 180 days.

How to Check for Inactive Accounts

How do you check for inactive Office 365 accounts?

It’s not as easy, using Microsoft-supplied tools, as you might expect. A quick internet search turns up a number of approaches, many of which involve writing, downloading, or purchasing PowerShell scripts that access the system audit logs. 

Unless you are (or know someone who is) knowledgeable in PowerShell, this approach won’t be especially helpful.

There is a report in the Office 365 Admin Center that reports on mailbox activity (Reports > Mail > Active and Inactive Mailboxes). Although some Office 365 administrators have found some success with this report, others have complained that it is not accurate, either over-reporting or under-reporting inactive users.

A Better Way: CoreView

There is a simpler, more intuitive way to monitor and manage inactive Office 365 accounts: CoreView. CoreView overcomes the limitations of Microsoft’s Office 365 administrative reporting tools by providing an easy-to-understand licensing dashboard.

You can use CoreView to identify unused licenses, minimize waste, and ensure costs are allocated appropriately, so you can get the most out of your Microsoft 365 subscription costs.

CoreView also has powerful tools to monitor your Microsoft 365 environment for security and compliance, automate repetitive administrative tasks, and more.

Don’t remain in the dark about your inactive users, who are uselessly using up valuable licenses and providing an attack surface for hackers to exploit. 

Contact CoreView today to learn how to take control of your Office 365 licenses.

Get a personalized demo today

Created by M365 experts, for M365 experts.