Microsoft 365 - Using Policy Groups to Manage User Account Policy Compliance

Policy compliance is an integral part of day-to-day business at UW-Madison, and many campus departments must comply with policies specific to the work they do or information they manage. Policy groups via Manifest provide departmental IT administrators with the ability to manage and report on policy compliance for their users in Office 365.

HIPAA: If you believe you or your university work may be influenced by HIPAA and you have questions about the use of policy groups within your organization, please contact your HIPAA Security Coordinator.

If you do not work within the guidelines of HIPAA and you are interested in using policy groups within your organization, please contact the DoIT Help Desk for more information.

Policy Compliance Reporting and Enforcement

Policy groups can be used by departmental IT administrators to run reports on user account policy compliance and to prevent the enabling of certain features in Office 365

Reporting on Policy Groups

Departmental IT staff may run reports of the IMAP, POP, ActiveSync, and Auto-Forwarding policy compliance for user accounts they've selected. Departmental IT administrators start the use of policy groups simply running reports in which they are able to view the state of their users' account compliance. These reports inform departmental IT staff so they may assist users to achieve policy compliance before and after account controls are enforced. Note: until additional steps are taken by the Office 365 Team and departmental IT administrators, no actual account controls are enforced.
Preventing the re-enabling of IMAP, POP, and ActiveSync protocols, and Preventing Auto-Forwarding

Users with account policy controls enforced cannot re-enable IMAP, POP, or ActiveSync protocols once disabled, and they cannot set up Auto-Forwarding of their email. Once a departmental IT administrator has run reports and is confident in their users' account policy compliance, they can request the Office 365 Team start the enforcement of the policy controls. Users whose accounts are controlled must work with departmental IT staff to modify these options if an exception is required.

If you or your departmental IT administrators are currently working with the UW-Madison Office 365 Team to implement the use of policy groups in your department, please follow the steps and linked documentation below.

Start by creating your policy group structure in Manifest: Microsoft 365 - Creating and Managing Policy Groups (Departmental IT)
Next, run user account compliance reports on the users in your policy groups and follow up with them to address non-compliance, as needed: Microsoft 365 - Reporting on User Policy Compliance via Policy Groups (Departmental IT)
Once your user accounts are in a compliant state, work with UW-Madison's Office 365 Team to begin enforcing the policy controls: Microsoft 365 - Enforcing User Account Policy Compliance via Policy Groups (Departmental IT)

Keywords	manifest o365 m365 microsoft 365 microsoft users departmental IT staff policies report comply HIPAA auto-forward POP IMAP active sync ActiveSync restrict lock down lockdown health insurance portability accountability act security	Doc ID	72271
Owner	O365 S.	Group	Microsoft 365
Created	2017-04-03 11:13:11	Updated	2023-02-02 08:22:58
Sites	DoIT Help Desk, Microsoft 365
Feedback	0 0 Comment Suggest a new document