Forum Discussion

hongwoo_jin's avatar
hongwoo_jin
Brass Contributor
Jul 21, 2021

About roles of Security Administrator, Compliance Administrator, Mailflow Administrator

Hi,  Anyone who knows with those administrator roles can see customer's own personal informaiton data with company confidential information data?? Customer concerned about assignning those roles to...
pvanberlo's avatar
pvanberlo
MCT
Jul 21, 2021
Compliance Administrator has the broadest access (due to the ability to do a content search).

It's probably best to have a look at the overview of permissions provided by each role for the others. For example, Mailflow Administrator provides the View-Only Recipients permission. This provides access to reports, which may contain information that could be considered PII, but it doesn't provide actual e-mail content for example.

https://docs.microsoft.com/en-us/microsoft-365/security/office-365-security/permissions-in-the-security-and-compliance-center?view=o365-worldwide
hongwoo_jin's avatar
hongwoo_jin
Brass Contributor
Jul 23, 2021
How about Security Administrator is?
If I check that role can do only about activity or security policies , it looks only works not data but settings. How about your opinion?

https://docs.microsoft.com/en-us/azure/active-directory/roles/permissions-reference#compliance-administrator

Resources