Microsoft 365 - Using Policy Groups to Manage User Account Policy Compliance

Policy compliance is an integral part of day-to-day business at UW-Madison, and many campus departments must comply with policies specific to the work they do or information they manage. Policy groups via Manifest provide departmental IT administrators with the ability to manage and report on policy compliance for their users in Office 365.

HIPAA: If you believe you or your university work may be influenced by HIPAA and you have questions about the use of policy groups within your organization, please contact your HIPAA Security Coordinator.

If you do not work within the guidelines of HIPAA and you are interested in using policy groups within your organization, please contact the DoIT Help Desk for more information.

Policy Compliance Reporting and Enforcement

Policy groups can be used by departmental IT administrators to run reports on user account policy compliance and to prevent the enabling of certain features in Office 365

  • Reporting on Policy Groups

    Departmental IT staff may run reports of the IMAP, POP, ActiveSync, and Auto-Forwarding policy compliance for user accounts they've selected. Departmental IT administrators start the use of policy groups simply running reports in which they are able to view the state of their users' account compliance. These reports inform departmental IT staff so they may assist users to achieve policy compliance before and after account controls are enforced. Note: until additional steps are taken by the Office 365 Team and departmental IT administrators, no actual account controls are enforced.

  • Preventing the re-enabling of IMAP, POP, and ActiveSync protocols, and Preventing Auto-Forwarding

    Users with account policy controls enforced cannot re-enable IMAP, POP, or ActiveSync protocols once disabled, and they cannot set up Auto-Forwarding of their email. Once a departmental IT administrator has run reports and is confident in their users' account policy compliance, they can request the Office 365 Team start the enforcement of the policy controls. Users whose accounts are controlled must work with departmental IT staff to modify these options if an exception is required.

If you or your departmental IT administrators are currently working with the UW-Madison Office 365 Team to implement the use of policy groups in your department, please follow the steps and linked documentation below.



Keywords:
manifest o365 m365 microsoft 365 microsoft users departmental IT staff policies report comply HIPAA auto-forward POP IMAP active sync ActiveSync restrict lock down lockdown health insurance portability accountability act security 
Doc ID:
72271
Owned by:
O365 S. in Microsoft 365
Created:
2017-04-03
Updated:
2023-02-02
Sites:
DoIT Help Desk, Microsoft 365