Table of Contents

Get Started

What is Microsoft Customer Lockbox?

With the Lockbox feature within Office 365, Microsoft will be required to alert you of their plan and await your approval to take the appropriate action. In the Office 365 Administrative portal, admins will see a request, and be able to accept/reject the request.

Office 365 and Enterprise Mobility and Security Suite can actually improve the security posture of the firm, which was the case for the State of Minnesota.

FAQ about Customer Lockbox

Who is notified when there is a request to access a customer’s content?

Administrators in the customer’s Office 365 environment are notified via email that there is a request for access. The Office 365 Admin Center portal will also display requests that have been submitted to the customer for approval.

Who can approve or reject these requests in a customer’s organization?

Administrators in the customer’s Office 365 environment can approve or reject Customer Lockbox requests.

Under what circumstances do Microsoft engineers need access to customer’s content?

No one at Microsoft has standing access to customer content in Office 365. Furthermore, Office 365 services are being engineered so that people performing service operations never have access to customer content. Therefore, we believe that the only scenario where a Microsoft engineer will need to access customer content is when the customer asks us to do so.

What happens if a customer rejects the Microsoft engineer’s access to content?

Microsoft can only proceed following approval of a Customer Lockbox request. If a customer rejects a Customer Lockbox request, no access to customer content will occur. If a user was experiencing a service issue that required Microsoft to access customer content in order to resolve (though such circumstances are expected to be extremely rare), then the service issue might simply persist. Microsoft would inform the customer of this outcome.

What happens to a Customer Lockbox request that was not acted upon by the customer in a timely manner?

Customer Lockbox requests have a default lifetime of 12 hours, after which they expire. Expired requests do not result in access to customer content.

How do I purchase Customer Lockbox for Office 365?

Customer Lockbox for Office 365 will be available as part of a new premium Office 365 Enterprise Suite called E5. More information on E5 can be found here.

Video: Customer Lockbox Overview

Resources

Detecting and Protecting Against Solarigate

This blog provides a summary of the Microsoft tools and guidance to detect and protect against the recent attacks embedded within SolarWinds monitoring agents.

10 Critical Steps to Secure Windows Virtual Desktops

It's simple to spin up a VM host for WVD, but selecting and configuring proper security controls takes more time and effort. After some significant deployments of Windows Virtual Desktop, our...

Azure AD Identity Governance – Terms of Use

Most organizations have some form of Acceptable use policy when logging into a domain-joined PC or server.  However, when moving to the cloud, you have access and exposure to a vast array of data and...

Cloud Security Assessment

We hear about breaches ever day now.  Make sure you are doing your best to protect your organization.  Discuss your strategies with our engineers.

 

ref:_00D80KtFf._5000y1WwWQD:ref