You might be surprised at how much trouble people can cause by not doing anything.
This isn’t about people who are supposed to do something but choose to do nothing instead. This is about Microsoft Office 365 account holders who, for whatever reason, aren’t using their accounts.
There are many reasons why an account holder wouldn’t use the account.
But in most cases, inactive user accounts get that way because the account holders have moved on from the organization and their accounts were never disabled.
Why are inactive Office 365 accounts a problem? There are two main reasons:
Most mature organizations have standard procedures to disable the accounts of terminated users and release their licenses, but even for those organizations, inactive accounts can slip through the cracks. Office 365 doesn’t know a user has moved on unless you tell it, and sometimes this step is overlooked.
Therefore, it’s good practice to audit your Office 365 accounts on a regular basis to determine if there are any inactive accounts. What to do with those accounts depends on each inactive user’s situation and your company’s policies. In many, but not all cases, the accounts should be disabled, and the licenses released for other users.
A common practice, required by certain regulations such as Sarbanes-Oxley in the U.S., is to compare Office 365 accounts every month against a list of users that have been terminated and make sure those accounts are disabled.
Absent a regulatory requirement, it’s still a good idea to check for account inactivity. Inactivity is determined by the length of time since the user’s last system login.
What length of time qualifies a user account as “inactive”? That’s up to you; each organization has a different definition. Many organizations choose a length of time between 90 and 180 days.
How do you check for inactive Office 365 accounts?
It’s not as easy, using Microsoft-supplied tools, as you might expect. A quick internet search turns up a number of approaches, many of which involve writing, downloading, or purchasing PowerShell scripts that access the system audit logs.
Unless you are (or know someone who is) knowledgeable in PowerShell, this approach won’t be especially helpful.
There is a report in the Office 365 Admin Center that reports on mailbox activity (Reports > Mail > Active and Inactive Mailboxes). Although some Office 365 administrators have found some success with this report, others have complained that it is not accurate, either over-reporting or under-reporting inactive users.
There is a simpler, more intuitive way to monitor and manage inactive Office 365 accounts: CoreView. CoreView overcomes the limitations of Microsoft’s Office 365 administrative reporting tools by providing an easy-to-understand licensing dashboard.
You can use CoreView to identify unused licenses, minimize waste, and ensure costs are allocated appropriately, so you can get the most out of your Microsoft 365 subscription costs.
CoreView also has powerful tools to monitor your Microsoft 365 environment for security and compliance, automate repetitive administrative tasks, and more.
Don’t remain in the dark about your inactive users, who are uselessly using up valuable licenses and providing an attack surface for hackers to exploit.
Contact CoreView today to learn how to take control of your Office 365 licenses.
