How can I determine or make an alert if a mailbox is accessed from another geolocation?

Jorel_ReachOutIT · ‎Aug 04 2020

I'm trying to see if there's a way for me to identify if a user's mailbox has been access from a different geolocation and create an alert for it so as to identify if the mailbox is being accessed by a fraud.

Guido van Dijk · ‎Aug 04 2020

@Jorel_ReachOutIT
Hi Jorel,
Assuming that you have a Microsoft365 subscription, you can use Azure AD Identity Protection
https://docs.microsoft.com/en-us/azure/active-directory/identity-protection/overview-identity-protec...
If its with an on premises environment, you will use a VPN solution, then you should check the documentation if you can create alerts.
regards
Guido

Vasil Michev · ‎Aug 05 2020

You cannot do this with the "basic" alerting functionality we have in the SCC, but should be possible if you have MCAS licenses. You will have to define all the "internal" or "known" locations for this to work though.

How can I determine or make an alert if a mailbox is accessed from another geolocation?

How can I determine or make an alert if a mailbox is accessed from another geolocation?

Re: How can I determine or make an alert if a mailbox is accessed from another geolocation?

Re: How can I determine or make an alert if a mailbox is accessed from another geolocation?

Products (68)

Special Topics (42)

Video Hub (898)

Most Active Hubs

Most Active Hubs

Video Hub

How can I determine or make an alert if a mailbox is accessed from another geolocation?

How can I determine or make an alert if a mailbox is accessed from another geolocation?

Re: How can I determine or make an alert if a mailbox is accessed from another geolocation?

Re: How can I determine or make an alert if a mailbox is accessed from another geolocation?