This document explains how departmental IT staff can use policy groups in Manifest to enforce technical restrictions on user accounts in Office 365, as part of an effort to achieve policy compliance.
HIPAA: If you believe you or your university work may be influenced by HIPAA and you have questions about the use of policy groups within your organization, please contact your HIPAA Security Coordinator.
If you do not work within the guidelines of HIPAA and you are interested in using policy groups within your organization, please contact the DoIT Help Desk for more information.
If you've created your policy group structure in Manifest and populated your groups; and you have run reports on the policy compliance of your users; you are ready to begin enforcing your policies by applying technical restrictions on your users' accounts. Currently, the technical restrictions that can be applied to user accounts are:
The prevention of setting an account auto-forward from the Wisc Account Admin site and creation of forward-to Inbox rules in Outlook on the web.
The prevention of enabling POP or IMAP configuration protocols once they've been disabled. This WILL NOT disable these protocols if they are currently enabled; it will only prevent users from re-enabling the protocols.
To implement the policy controls described above, please contact the DoIT Help Desk, providing the name of your "affiliation" and "exclusion" policy groups in Manifest, and ask that your policy groups request be sent to UW-Madison's Office 365 Team, so they may implement the enforcement of your policies. The Office 365 Team will contact you to confirm the implementation of your technical policy controls and let you know when they are in effect for your users.