This article apples to customers who host mailboxes with Microsoft 365, Microsoft Exchange, and even our Zimbra Email Collaboration Platform.
Do you even have a strategy for setting up your mailboxes?
When we onboard new customers we often find the way their email addresses are set up a bit of a mess, or – its true – some existing customers will simply ask for a mailboxes to be set up in a certain way and they will not contemplate if what they are asking for is the best way to do it. Though we may let that slide inside smaller organisations, new threats mean we now stand more firmly in support of best practice setup.
Lets say you have an email mailbox – lets call it firstname.lastname@example.org – and several people need to access it. Do you give them all the password for that mailbox? If you do give them the password and one person leaves, you will have to change the password.
As soon as you change that password, the people that have access to this mailbox will be unable to send or receive email on any computer, laptop or mobile until the password has been updated on them. Quite apart from the inconvenience, this could attract significant IT support costs if the mailbox is used on a lot of devices. If another person leaves a few weeks later the whole process is repeated. It’s a waste of time, money and energy.
Another scenario. Stick with our sales mailbox. One of your staff sends out an email. Perhaps they misquote a customer badly and you have to give them a hefty discount to keep them sweet. Perhaps a member of staff sends a rude comment. Do you know WHO sent that email? No you don’t, because several people have access to the mailbox in the same way.
How to prevent this scenario with best practice…
The foundation for the ‘best practice’ way to set up email is for each person to have their own mailbox. This is considered their primary mailbox which on a day to day basis only they will have access to. This starting point is necessary for three key reasons:
- The boss (or in fact anyone inside or outside the organisation) can send email directly to a given person knowing that potentially sensitive email cannot normally be read by another person.
- Access to shared mailboxes (accounts@ sales@ office@) can be granted according to need (we call this email delegation).
- Access to shared mailboxes can be immediately revoked without it impacting anybody else.
Why this approach works…
- When access to shared mailboxes is granted or revoked, those mailboxes automatically appear and disappear in desktop versions of Microsoft Outlook. This speeds up the process, and drastically reduces IT support costs, not just during setup time but the whole time that person is part of your business.
- The passwords for shared mailboxes usually never have to be given to anybody. As well as being much more secure, it means when a person starts working for you they do not need to be told the password for any shared mailbox.
- If a person leaves the organisation, their own primary mailbox is disabled, instantly revoking access to the other mailboxes that person had access to.
- When a person sends an email from a shared mailbox, there can be some traceability so you can find our who sent a given email.
Other points to make…
- Just like shared mailboxes, user mailboxes can be delegated to other people. For example a persons mailbox can be delegated to a manager so when he or she is on holiday they can keep an eye out for important emails.
- Even part time staff need their own mailbox. For example if Fred only comes in twice a week and only needs access to the sales@ mailbox, Fred should still be given his own mailbox, otherwise the whole strategy falls down.
As you can see, there are some good reasons to use this mailbox strategy. Note that some of the features described above do not work on all platforms, but the regardless of your email platform the principles are still sound. If you are running an organisation in Norwich or Norfolk and you need help with implementing a suitable mailbox strategy like this, please do contact us for help.