(Deprecated) Microsoft 365 User Account Security Assessment [Template]


Microsoft 365 provides user account information across a variety of subsystems including Office 365, Azure AD and Exchange Online. To get a snapshot of settings and permissions on user accounts that may potentially pose a security risk requires hours of manual work.

By using the Voleer Microsoft 365 User Account Security Assessment, user account information can be extracted on an adhoc basis or scheduled to run periodically for review by security information workers to prevent unauthorized access and malicious activity to your Microsoft 365 tenant.

How it works

This template will retrieve data across Microsoft 365 and third-party security provider HaveIBeenPwned to generate a report detailing information including

  • Identifying potentially compromised accounts and suspicious login activity

  • Mailbox permissions and settings that may pose a security threat

  • Providing an overview of authentication methods and active vs inactive users


To run this report, you will require

  • A Microsoft 365 account with Global Administrator, Cloud Administrator or Application Administrator permissions

  • If using Cloud Administrator or Application Administrator permissions, an account with the additional permissions is required

    • Global Reader in Microsoft 365 Admin Center

    • User Options, View-Only Audit Log and View-Only Mail Recipients in Exchange Admin Center

Getting started

To start using this template, perform the following:

  1. Launch the Microsoft 365 User Account Security Assessment template from the library and follow the instructions

  2. Optionally schedule the template as a recurring job

Sign in or sign up to use this template