Prompt to enable "Audit Log" when an Admin User is created
When creating a new Admin User (No matter what the Admin Role is) user should be prompt to enable "Audit Log" for that new user. Lots of people don't even know that this feature exists and are wondering why it is not enable by default. I guess it is something related to privacy or compliance. This way, whenever you create a new user with an Admin Role, you would be prompt to enable "Audit Log" with a small description of what "Audit Log" is. This way, it would be easier for Admins to track down any actions or compromised account.
H. van der Sluis commented
If this is so essential to recover or search for any data then this should be a default policy what is turned on.
Or at least attend the administrator to turn this on if you want to recover or search for some data.
This should be enabled by default. Multiple tenants only realize that their user actions were not being logged when is too late.
Taranjeet Singh commented
I totally agree with this. Alot of customers do not know about this feature. We undrstand that Microsoft doesnt record customer's info without customer's permission but Office 365 portal also doesn't give any notification to the customers that this feature exists in Office 365 Environment. Admins should get a Pop-Up about this feature.
When I contacted support to help with finding out logging info, they had to turn this feature on. It needs to have been on for it to record any activities, why was it off the whole it. Theres so many things I can think of that this feature can help with:
- if your User is compromised or files deleted, you can use audit log to find out which IP or User did it !
why is something like that off by default. I agree with OP, I should have been prompted to turn this on when I first created my tenant.