Live Cyber Attack Lab 🎯 Watch our IR team detect & respond to a rogue insider trying to steal data! Choose a Session


Office 365 Admin Resource Center

IT Pros

In This Article

office 365 admin image with Teams, Sharepoint, Cloud and mail

Working as an administrator for Office 365 can be difficult. Though the Office 365 Admin Center has been built with usability in mind and will allow you to accomplish basic tasks quite easily, there are many subtleties to Office 365 administration that can take years to master.

We’re here to help. Over the years, we’ve produced lots of resources on how to become an effective Office 365 administrator, and in this guide, we’ll take you through them. Whether you are an experienced administrator looking to refresh your skills, or just starting out with Office 365 administration, below you’ll find a guide written specifically for you.

Office 365 Admin Resources

Here at Varonis, we’ve produced many guides over the past few years. These cover almost every aspect of how to work with Office 365 as an administrator. Take a look at the list below, and simply choose the guide that is right for you.

How-To Guides

  1. Connect to Office 365 with PowerShell
  2. Office 365 PowerShell Commands
  3. Securely Migrate Data to Office 365
  4. Microsoft File Sharing Best Practices
  5. SharePoint Permissioning Best Practices
  6. Using Malicious Azure Apps to Infiltrate a Microsoft 365 Tenant
  7. Microsoft Teams Security Guide

Articles and White Papers

  1. Office 365 and HIPAA
  2. SubInACL.exe
  3. E3 and E5 Office365 Features
  4. Exchange Vulnerability
  5. SharePoint vs SharePoint Online
  6. 7 Best Practices for Data Security in Office 365 and Beyond [white paper]

Videos and Courses

  1. Office 365 Data Security and Threat Detection
  2. 7 Hidden Office 365 Settings

Quick Review: What Does an Office 365 Sysadmin Do?

office 365 admin on their computer

An Office 365 admin is mainly responsible for managing the way that employees use Office 365 within a particular organization. The tasks that Office 365 admins perform can be broken into a number of categories:

  • Managing users: Admins are responsible for adding new users to Office 365, managing their access levels, and shutting down their accounts when they leave your organization.
  • Contact lists: Most organizations will have a shared contact list, and Office 365 admins are often responsible for keeping this up to date and accurate.
  • Shared mailboxes: Shared mailboxes make it easier for teams to communicate, and Office 365 admins are responsible for setting them up and managing them.
  • Groups: Groups are another aspect of collaboration in Office 365, and admins are charged with managing these as well.
  • External sharing: Documents and other forms of information in Office 365 can be shared externally, and admins are responsible for enforcing policies that control how, when, and where this can be done.
  • Service settings: In the Office 365 Admin Center, admins have access to the shared settings for all of their users. This includes the settings for sites owned by your company, and which programs users can access within Office 365.

In addition to managing the users of Office 365, admins are also responsible for keeping the data stored in this system safe. For this reason, it’s also important for admins to be aware of the most common forms of cyberattacks directed against Office 365.

Types of Office 365 Attacks

There are many different types of attacks that can be directed against Office 365, and administrators should be aware of all of them. Here are the most common forms of attack:

  • Phishing: This is still the most common form of cyberattack, and relies on tricking your users into letting hackers into your systems.
  • MiTM Attack: In a man-in-the-middle attack, a hacker will intercept data passing between your employees and Microsoft’s servers.
  • Ransomware: Ransomware is a form of malware that will encrypt your data, after which a hacker will ask for payment in order to return it to you. This type of attack is generally initiated after an attack gains a foothold via stolen credentials or malware that takes control of a user’s computer.
  • Brute Force: A brute force attack is a simpler form of attack, but can be equally as effective as more sophisticated attacks. In this form of attack, a hacker will try to guess the passwords of your users.

How Do I Get To the Office 365 Admin Center?

The Office 365 Admin Center is where most of the administrative tasks for Office 365 are accessed. As an admin, you will spend a lot of time working with the admin center. To access the admin center, follow these steps:

  1. Go to the Microsoft portal
  2. Sign in using your Office 365 Admin login details
  3. Once logged in, select the app launch icon in the upper bar and click on the Admin tile, which looks similar to this image:

a screenshot of an office 365 app

Microsoft Office 365 Administration Fundamentals

office 365 basics image with a checklist

Getting started with Office 365 administration is fairly easy, and you’ll find that the administration center will allow you to quickly complete most tasks that are required of you as an Office 365 admin. It is worthwhile, however, reading through our guides to the basic techniques and processes behind being an administrator, to ensure that you are completing these tasks in an efficient, safe way.

Below, you’ll find a round-up of the guides we’ve produced to the fundamentals of Office 365 administration, arranged into categories.

Basic Techniques

The basic techniques for admins for Office 365 include connecting to the admin center, migrating files to the shared cloud, and managing file sharing. Here are our guides to these subjects:


Since SharePoint Online is part of Office 365, the system is integrated into Azure AD, Exchange Online, and OneDrive. OneDrive is an Internet-based storage platform with a significant amount of space offered for free by Microsoft to anyone with a Microsoft account, and is very commonly used as a business collaboration platform by small businesses. Here are our guides to OneDrive:

SharePoint Online

Microsoft SharePoint Online is a cloud-based service that helps organizations share and manage content, knowledge, and applications to help your team collaborate. Instead of installing and deploying SharePoint Server on-premises, any business can subscribe to an Microsoft 365 plan or to the standalone SharePoint Online service. Your employees can create sites to share documents and information with colleagues, partners, and customers. Here are our guides to using SharePoint Online:

Exchange Online

Microsoft Exchange Online – part of Microsoft’s Office365 cloud offering – is just like Exchange on-prem but you don’t have to deal with the servers. Microsoft provides some tools and reports to assist securing and monitoring of Exchange Online like encryption and archival, but this support doesn’t cover everything you need to know about the system. Thankfully, we offer guides that do:

Microsoft Teams

Microsoft Teams is a chat-based collaboration tool that provides global, remote, and dispersed teams with the ability to work together and share information via a common service. It offers several useful features, such as document collaboration, one-on-one chat, team chat, and more. We’ve covered how to use Microsoft Teams securely in a number of our guides. Here they are:

Advanced Threat Protection (ATP)

It’s worth getting cybersecurity protections in place as soon as you start working as an Office 365 admin, so make sure you read up on the ATP system offered by Microsoft.

Office 365 Advanced Threat Protection (ATP) can help to safeguard your organization against malicious threats posed by email messages, links (URLs) and collaboration tools. ATP includes various components::

Microsoft Cloud App Security (MCAS)

Microsoft Cloud App Security is a multimode Cloud Access Security Broker (CASB). It provides rich visibility, control over data travel, and sophisticated analytics to identify and combat cyber threats across all your cloud services. Below you’ll find more information on several important aspects of MCAS:

Microsoft Information Protection (MIP)

Microsoft Information Protection is a system that helps you discover, classify, label and protect sensitive information – wherever it is stored or travels. Microsoft have typically offered sensitivity-label driven protection of individual files via their Rights Management Service (RMS), but using the system can be a little complex. Here are our guides on how to use MIP correctly:

Security and Compliance Center

The Microsoft Security & Compliance Center is designed to help you manage compliance features across Office 365 for your organization. Links to existing SharePoint and Exchange compliance features bring together compliance capabilities across Office 365. Here are our guides on how to use the Security and Compliance Center effectively:

Advanced Admin Techniques and Best Practices

advanced techniques for office 365

Though learning the basics of Office 365 administration is quite easy, you should continually seek to improve your skills and processes.

Office 365 administrators often take the lead on ensuring compliance with data security frameworks, for instance, and so you should make sure that you know how you can use the tools built into Office 365 to achieve this. Equally, learning how to use PowerShell can allow you to quickly and easily automate some of your processes. The most important advanced techniques for Office 365 administrators are these:

  1. Office 365 PowerShell Commands
  2. Office 365 and HIPAA
  3. E3 and E5 Office365 Features
  4. Using Malicious Azure Apps to Infiltrate a Microsoft 365 Tenant

E3 vs E5

Microsoft’s Enterprise Mobility and Security offerings are additional sets of security services that can be purchased to help control, audit and protect the data and users of Microsoft’s Azure and Office 365 products.

If you’re an enterprise that is concerned about data breaches, ransomware or insider threats, it’s unlikely that you would not upgrade your base (E3) Azure license to the slightly more expensive but worthwhile E5.

We’ve covered the differences between these licenses in several of our guides:

PowerShell + Office 365

PowerShell is a fundamental part of advanced Office 365 administration, allowing you greater control over your Office 365 environment and giving you access to extra options that are not available through the Office 365 Admin Center. It’s therefore crucial that Office 365 administrators familiarize themselves with PowerShell, and the way that it integrates with Office 365. To do that, you can read through our guides on this subject:

Office 365 Admin Training and Tutorials

image of a computer with tutorials and resources insider for office 365

We understand that, if you are already working as an Office 365 administrator, sometimes you will need to find information on a particular task fast. That’s why, in the following table, we’ve pulled together all of the guides we’ve mentioned above, so you can easily find what you are looking for.

Basics and Getting Started

Resource Description
Connect to Office 365 Getting started with Office 365 administration by connecting to Office 365 online.
Cloud Migration How to migrate your files and team onto the Office 365 cloud quickly and safely.
Microsoft File Sharing The basics of file sharing in Office 365 and related Microsoft entities.
Exchange Vulnerability A guide to security in Microsoft Exchange.
Microsoft Teams Security Guide How to use Microsoft Teams in conjunction with Office 365, and keep both systems secure.
SharePoint vs SharePoint Online A guide to the important differences between on-premises and cloud implementations of SharePoint.
SharePoint Permissioning Best Practices A detailed look at how to use the permissioning system built into SharePoint to protect your users and data.

Advanced Microsoft 365 Admins

Resource Description
Office 365 PowerShell Commands A quick reference guide to how to use PowerShell, whether you are working with Office 365 or related systems.
Office 365 and HIPAA A guide to how to work toward HIPAA compliance as an Office 365 administrator.
SubInACL A guide on how to use SubInACL in various settings including permissions as well as other top use cases.
E3 and E5 Office365 Features The crucial differences between the E3 and E5 licenses, and how they affect your work as an Office 365 administrator.
Using Malicious Azure Apps to Infiltrate a Microsoft 365 Tenant A look at one of the biggest security issues that Office 365 admins will face: malicious actors using Azure Apps to infiltrate your Office 365 system.

A Final Word

Working as an Office 365 administrator can be a thankless task: your users will be relying on you to manage their account for them, and you will be the first point of call if something goes wrong.

For that reason, it’s important that you know how to administer Office 365 in a secure way. The guides we’ve covered in this article will show you how, as will our guide to secure your Office 365 environment.

Jeff Petters

Jeff Petters

Jeff has been working on computers since his Dad brought home an IBM PC 8086 with dual disk drives. Researching and writing about data security is his dream job.


Does your cybersecurity start at the heart?

Get a highly customized data risk assessment run by engineers who are obsessed with data security.