Microsoft 365 - How to Optimize & Audit your Microsoft Office 365 Tenant

In its last quarterly earnings, Microsoft announced that "the number of Microsoft 365 subscribers has increased to 50.2 million from January through March 2021 ". According to Microsoft CEO, Satya Nadela, "Over a year into the pandemic, digital adoption curves aren’t slowing down. They’re accelerating, and it’s just the beginning". However, although the Microsoft 365 suite has become a staple in office productivity, we often see IT departments that do not have the time or bandwidth to periodically audit and optimize their Microsoft 365 tenant. Continue reading to learn how your organization can begin optimizing its Microsoft environment to save money on licensing and upgrade security settings. 

Find more details about Microsoft 365. Here is the ultimate guide to Microsoft Office 365 licensing.

Microsoft Tenant Overview

The Microsoft Tenant is described as  "a dedicated instance of the services of Microsoft 365 and your organization data stored within a specific default location". In a nutshell, this means that your Microsoft Tenant is the environment in which all your Microsoft services and products live and is unique to your organization. These Microsoft products and services include: 

Microsoft or Office Licensing

This is all standard Microsoft or Office 365 licensing, such as Microsoft 365 Business Basic, Microsoft 365 Business Standard, Microsoft 365 Business Premium, Office 365 E3 or E5, all government licenses, education licenses, non-profit licenses, and more. These types of licenses include the Office Suite, with features like Word, PowerPoint, and Excel, OneDrive, SharePoint, Teams, and more.  

Security Applications

Microsoft has a robust security portfolio, with several different products. Examples of security applications are Microsoft Intune, Microsoft Defender for Endpoint, Microsoft Defender for Office 365, and Microsoft Compliance Manager. 

Tenant Security Settings

These security settings are crucial to the Microsoft Tenant, as they are what protect you from malicious actors. There are dozens of settings that can play a role in your tenant's security such as whether or not multifactor authentication is enabled, security password settings like strong password policy or password expiry policies, and administrative roles assigned.  To receive assistance on your tenant security settings, please contact our team today. 

Learn about Microsoft Office 365 business plan review.

Top Reasons to Optimize your Microsoft 365 Tenant

Now that you are aware of what is inside your Microsoft 365 tenant, why is it important to audit your environment periodically? Here are 3 good reasons why you should audit your Microsoft 365 tenant to ensure your environment is optimized. 

1). Improve License Management

Auditing your environment can help you identify licenses that are currently not in use. Whether licenses are unassigned or inactive, these unused licenses are still being billed to your organization. By identifying and removing these licenses from your tenant you can save your organization thousands of dollars annually. Licenses can be broken down into the following categories: 

Unassigned Licenses

Licenses that have been purchased but have never been assigned to users. The organization pays for these licenses even though they have not been placed in use

Inactive Licenses

Licenses that have been assigned to users but have remained inactive over a 30-60-90 day period.

Underused Licenses

Licenses that have been purchased and assigned but only a small percentage of the applications are being utilized. In these cases users should expand their use to the entire bundle or the license should be downgraded. 

Current License Fit

License subscriptions that have been purchased in the past, but no longer apply. This can result from either the license bundles changing ( Microsoft updates constantly) or users changing license types. 

Often, organizations will have policies that demand that a user's inbox be retained for a 90 or 180-day period after an employee has left the company. Sometimes, this is due to compliance requirements or because an organization may want to continue collecting their emails in case certain information is needed. It is not realistic to assume that your IT staff will remember to deactivate a license after an employee has left. Improving license management within your organization is key to ensuring your organization is not overpaying for your Microsoft/Office 365 licenses. 

2). Optimize your Licenses

Choosing the right Microsoft licensing for your unique organization can become a confusing task. Beyond just canceling licenses that are inactive or unassigned, an audit of your environment can provide you with information on specific license SKUs you have, who they are assigned to, and what features of those licenses each specific user is using.  

This can help you identify users who are not adopting all the apps included within a particular license type or SKU. For example, if employees are assigned Microsoft 365 E5 licenses but only adopt applications like Excel, Word, and Outlook, your Microsoft Admin can either downgrade their license to a cheaper SKU or can train that employee to increase application adoption within a certain number of employees. 

3). Upgrade Security Settings

Are you confident that no employee in your organization is auto-forwarding their email to an external domain? Are you aware of how many failed sign-ins your organization incurs daily, and which users have the highest rate? Have you double-checked that all users within your org have MFA enabled, a strong password required, and/or have their passwords expired? Do you know how many users within your organization have administrative roles?  

If you answered no to any of these questions, it is crucial that your IT administrators have the visibility they need to uncover hidden security concerns within your Microsoft 365 tenant. An audit of your Microsoft environment can enable your internal IT team to gain the visibility they need to uncover hidden areas of concern you may not have otherwise been aware of. 

See a 5-step guide to get the most of out your Microsoft 365 licenses.

What is a Microsoft 365 Audit?

The Datalink Networks Microsoft 365 Audit or Microsoft 365 Health Check is an assessment that is performed using enterprise-grade tools to scan your Microsoft tenant to pull data for security settings, administrative roles, and license optimization. By deep-diving into this information, we can help your team uncover hidden security concerns and identify places where money can be saved.

Process of Microsoft 365 Audit

This process of conducting a Microsoft 365 audit typically takes anywhere between 1-2 weeks. This allows for our tool to gather time-based data, such as failed sign-in attempts and other suspicious activities. It’s important to note that while Datalink Networks can see document movement, they cannot see inside the document or any other organizational data. Additionally, everything presented to you is in read-only mode, and no settings or licenses can be changed using the auditing tools.

After our team has collected all the data necessary,  you and one of our Microsoft experts will have a call to discuss the results, potential areas of concern, possible solutions, and recommendations for licensing. After the call, you will be provided with the documentation of all the findings, a report on your current license usage along with recommendations, and any other reports requested throughout the discussion.

Our Findings 

As a Microsoft Gold Partner, Datalink Networks has audited countless Microsoft tenants across various organization types that range from small medium-sized businesses to larger enterprises. Through our Microsoft 365 Health Checks we have uncovered the following:

On average, 9% of licenses were found unassigned and 12% were inactive

This means that 21% of all our analyzed licenses were sitting completely unused. The average overspend across all our clients turns out to be a whopping $7,140.26 for organizations that could be saving money by canceling their unassigned and inactive licenses.  

91% of organizations did not have a fully deployed password expiration policy

Some organizations had all of their passwords expire and some had none of their passwords expire, but many of them were somewhere in between. Many organizations that had most of their passwords expire were surprised to learn that it didn’t carry over for every set of credentials

91% of organizations did not enforce a strong password policy across all users

Similar to the password expiration policy, there was a range in the number of users who had a strong password policy enforced. Some IT admin clients were surprised to learn strong passwords were not required for some of their users, creating security vulnerabilities. 

Click here to find out how to take complete control of your Microsoft 365 with Managed Services.

How do I get started? 

Don't know how to get started optimizing your Microsoft 365 tenant? Datalink Networks has you covered. Contact us today to schedule your free Microsoft 365 Health Check.

As a dedicated Microsoft Gold Partner, Datalink Networks is committed to providing our customers with the best service and support on all things Microsoft. We guarantee that our health check will provide your team with the visibility you need to fully optimize your Microsoft tenant and save your organizations thousands on Microsoft licensing annually. Submit the form below to get started!