cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 

Extend Security by Disabling Direct Login from Office 365 Shared Mailboxes!

Aima_Tessa
Contributor

‎Dec 08 2022 03:27 AM

‎Dec 08 2022 03:27 AM

Extend Security by Disabling Direct Login from Office 365 Shared Mailboxes!

Why Shared Mailboxes?

Shared mailboxes benefit in different ways for organizations. The most common one is that users can access the same mailbox with varying levels of permission. Each shared mailbox can store up to 50GB of data without assigning a license to it and is widely used as a help desk or support email address. It all goes fine until it comes to shared mailbox security. So, what may be threats? Let's examine it with an example.

What are Some of the Insecurities of Shared Mailboxes?

Suspect that an attacker posed a password attack on your shared mailboxes to steal the credentials. As the mailbox is shared by multiple users, it would be difficult to identify the attack instantly. Also, the shared mailbox comes with an auto-generated password that can be reset, making things favorable for those attackers. Therefore it is always recommended to practice blocking sign-in for shared mailboxes.

For more detailed information and to know the different ways to block sign-in, please check out the following blog.
https://m365scripts.com/exchange-online/block-shared-mailbox-sign-in-to-protect-your-office-365-envi... 

796 Views
0 Likes
4 Replies
Reply
4 Replies
R_Gijsbers_Rademakers

‎Dec 08 2022 12:07 PM

‎Dec 08 2022 12:07 PM

Re: Extend Security by Disabling Direct Login from Office 365 Shared Mailboxes!

Hi @Aima_Tessa, to add to that, a shared mailbox account should always be a disabled account to comply to Microsoft license agreements. If the corresponding account is enabled, you should assign a license to it. Best regards,  Ruud 

0 Likes
Reply
Aima_Tessa

‎Dec 08 2022 10:42 PM

‎Dec 08 2022 10:42 PM

Re: Extend Security by Disabling Direct Login from Office 365 Shared Mailboxes!

@R_Gijsbers_Rademakers Thanks for your response!
According to my grasp, a shared mailbox account isn't disabled by default without a license. Microsoft did not ask for an agreement instead! I think that might be the reason, why blocking sign-in for those mailboxes is important. Thoughts on this?

0 Likes
Reply
R_Gijsbers_Rademakers

‎Dec 10 2022 10:21 AM

‎Dec 10 2022 10:21 AM

Re: Extend Security by Disabling Direct Login from Office 365 Shared Mailboxes!

Hi @Aima_Tessa, depending on the scenario, hybrid or cloud only, I would incorporate it into the process of creating the shared mailbox. First create the disabled account and enable the shared mailbox on that account as the second step. That way you'll make sure the account can't be logged on to upfront instead if doing it afterwards.

0 Likes
Reply
Aima_Tessa

‎Dec 11 2022 10:23 PM

‎Dec 11 2022 10:23 PM

Re: Extend Security by Disabling Direct Login from Office 365 Shared Mailboxes!

@R_Gijsbers_Rademakers Thanks for your suggestion. Will try this way!

0 Likes
Reply