Leverage Office 365 Admin Roles
Probably the least utilized business function of Office 365 is admin roles. You no longer have to give global administrative access for all e-mail and documents to IT. Here’s some insight to mitigate risk, while giving accountability for more agile business operations:
Global Administrator – This role should be assigned to the owner and not IT. After initial setup, Global Administrator access is not necessary for general day-to-day functions. Have a generic admin account as a backup. Any kind of admin role also has the added benefit of entering an alternate e-mail address for self-service password reset. In unusual or emergency situations, you should definitely have an Office 365 Partner of Record for expert support as needed. Finally, you can also enlist the help of Microsoft Office 365 Phone Support at (800) 865-9408.
User Management Administrator – Support staff should be granted this role to add and delete users, reset passwords, and assign licenses. There is no ability to affect Global Administrator accounts. Most importantly, this role provides no administrative access to any kind of data.
Password Administrator – Department heads or supervisors appreciate having this role to quickly get staff working if IT is not readily available to reset a password. Again, these critical personnel also benefit from being able to reset their own accounts as necessary.
Billing Administrator – Granting this role to someone in Accounting, allows notice of subscription renewal and billing for management purposes as IT generally has little or no budget authority.
The whole reason for moving to cloud computing is security and productivity. Owners and shareholders should retain in control of data. Key players should have enough autonomy and accountability to keep staff working and IT should simply provide service to move the organization forward.
