Best Practice
Best Practice: ENABLED
Most organisations will choose to enable EWS by default so that older third-party apps can function. While newer third-party apps will use the MS Graph API, we cannot exclude EWS at this point in time if third-party apps are an important part of the organisation's toolset.
Roll Out
Consult with the client. Ask them if they wish their users to use third-party apps connected to their M365 accounts. Examples include email archiving tools, CRMs, and backup solutions.
If they choose to turn it off, ensure they have reviewed their toolset and have a strategy for apps without EWS going forward.
A chosen approach might be to disable EWS for some sensitive admin accounts where no mailbox is present. If so, use Octiga's group baselines to manage this.
If EWS ENABLED is the chosen approach, then put the baseline in place, and no further communication with the client is required, assuming it was ENABLED previously.