The digitalization of the workplace and adoption of the cloud has brought numerous benefits for organizations. However, there is one thing leaders should keep in mind when it comes to protecting your organization’s assets. In this article we will talk about the steps you should take to secure organizational data when an employee leaves your organization, and how to allow other employees to access email and OneDrive data.
*Note: You need to be a global administrator to complete the following steps. You will also be using these Microsoft 365 capabilities and features:
- Microsoft 365 Admin Center: Convert mailbox, forward email, revoke access, and remove user.
- Exchange admin center: Block user, block access to email, and wipe device.
- OneDrive and SharePoint: Give access to other users.
- Outlook: Import PST files and add mailbox.
- Active Directory: Remove users in hybrid environments.
How to remove a former employee
Although the following steps are numbered, it is not required that you complete the solution in this exact order. However, Microsoft and our Microsoft experts recommend following the order in which they are listed below.
Step 1. Prevent a former employee from logging in and block access to Microsoft 365 services.
This helps prevent the person from logging in and accessing your Microsoft 365 services.
Step 2. Save the contents of a former employee’s mailbox.
The person who is taking over the former employee’s position will benefit from this. This is also helpful in case there is litigation.
Step 3. Wipe and block a former employee’s mobile device.
This removes your organizational data from their phone/tablet.
Step 4. Forward former employee’s email to another employee or convert it to a shared mailbox.
If you have customers/partners still sending emails to this former employee’s address, this keeps the email address active and forwards those emails to the person taking over their job.
Step 5. Give another employee access to OneDrive and Outlook data.
After you remove the user’s license (but don’t delete the account), the content in this user’s OneDrive is retained for 30 days after the removal.
Before deleting the account, you should give access to their OneDrive and Outlook to another active user. During those 30 days, you can restore the user’s account and gain access to their content. If you restore the user’s account, the OneDrive and Outlook content will remain accessible to you even after 30 days.
Step 6. Remove and delete the Microsoft 365 license from a former employee.
When removing a license, you have the option to assign it to someone else, or to delete it so you don’t pay for it until a new hire comes. Again, when removing or deleting a license, the user’s old email, contacts, and calendar are retained for 30 days, then permanently deleted. If you remove the license but don’t delete the account, the content will remain accessible, even after 30 days.
*Note: The customer may or may not be able to delete the license, depending on their commitment and cancellation window.
Step 7. Delete a former employee’s user account.
This removes the account from your admin center to keep things clean.
*Note: Each step title has a link to the Microsoft document that explains fully how to complete the actions needed for that step.
For further information or assistance with your licenses management, do not hesitate to contact us today. Our Microsoft licensing experts are happy to help.
