This topic discusses the steps you should take to secure your data after an employee leaves your organization. Screenshot given below will show you the list of options to Deprovision Users using Vyapin Office 365 Manager
Reset user password
When a user leaves, the first thing you want to do is reset the password on their account, so that they can no longer access their account. Resetting their password means you can still access their mailbox but prevents them from accessing their mailbox once they have left.
Remove access from user mobile device
If there are mobile devices connected to Office 365, you can either ask the employee to remove this on their mobile devices or, if the employee has been terminated under unfavorable circumstances, you may need to remotely wipe their mobile devices to prevent them from accessing corporate data or information from the device.
Replace user account with another account
It is used to replace user account with another account in Office 365 if there is a replacement user. When a user leaves, you can rename the leaving user’s account with the new account of the replacing user.
Archive user OneDrive content
OneDrive for Business is a bundle that comes with Office 365 used for storing and organizing your work documents. All of the files that you store on OneDrive for Business are private until you share them, so when employee leaves your organisation, you should check to see if there are any documents in a user’s OneDrive folders so that you may archive such OneDrive content before deleting the user account.
Remove email forwarding
To remove any forwarding address the user or his team may have configured for the user’s mailbox. This is one of the most overlooked areas when a user leaves the organization and a potential vulnerability point for data theft.
Forward user incoming emails to another mailbox
It is used to forward all the user’s incoming emails to another mailbox automatically. When a user leaves, you may want to automatically forward the user’s incoming emails to another mailbox or recipients (at least temporarily).
Convert user mailbox to shared mailbox
Office 365 allows you to have any number of shared mailboxes. These mailboxes do not require a license. The mailboxes have all the same functions of a regular mailbox. The shared mailbox has a storage limit of 10GB.
Once the user mailbox is converted to a shared mailbox, you can remove the license from the user account, freeing up the license for use with another user and the content of the mailbox will continue to remain even after the user is disabled from the system.
Remove user from distribution groups
This task removes a user from all distribution groups the user belongs, so that the user can no longer access the distribution groups. This removes unwanted users from cluttering your distribution groups.
Remove user from admin roles
This task removes a user from all admin roles assigned for that user. This is one of the most important tasks to do if the leaving user is part of the admin team or has been assigned specific admin roles as required by specific business functions.
Delete user account
This is the final task that deletes the user account in Office 365. Once you deleted the user account, it prevents any form of unauthorized access. Deleting the user account also frees the Office 365 license assigned to that user. When you delete a user account, you don’t lose their data and the user becomes inactive. The user’s data is stored for 30 days in case the user account and all associated data need to be restored.