I am following up an interesting occurrence in which the 'Office 365 Message Encryption Portal' was integrated into our Azure subscription without any admin doing so. It turns out a standard user's account is associated with this integration however, this was not planned or expected in any way.
Is there a way I can determine how this took place? The owner of the non-admin user account was in a meeting while this integration took place and has no knowledge about their account being used for this purpose.
Does anyone have any idea what could have caused this integration to happen?
This is concerning on several levels. Here are some details, please let me know if there are another other logs or info I could use to determine what happened.