This blog post covers the most popular capability we provide: distributed Office 365 administration with configurable rights management. Security issues are sometimes self-inflicted by IT administrators because they have been assigned more power than they need. This happens all too often. With the standard Office 365 Admin Center, there is no easy way to assign specific, reduced admin capabilities to remote administrators so that they can support only the users within their geographical or business unit. Instead, these administrators are granted full admin rights over the entire user base, and as you could imagine, they could inadvertently click the wrong button.
Today, all enterprise and most mid-sized organizations are spread across different regions and have remote administrators, or “Shadow IT,” that want to support their local users. This distributed support model makes complete sense and helps take the pressure off the corporate IT administrators. However, you must enable those remote admins with the rights to manage only the users under their ownership. Plus, you should only grant them administration capabilities to perform the tasks that make sense:
- Password changes
- Managing quotas
- Managing clutter
- Managing licenses