Our organization has around 250 employees and we use Microsoft 365 with mandatory two-factor authentication. Recently, a manager's email was hacked, resulting in a flood of hundreds of spam emails daily. The admin claims that the email address is now unusable and won't send emails securely again, though it can still receive them. This situation has raised my suspicions about whether the admin is being incompetent or lazy. Not long ago, there was also a problem with a different employee having trouble opening HEIC files on Windows, and the admin's solution was less than ideal – suggesting that the employee convert the files to JPEG or ask iPhone users to do the same. This makes me wonder if the admin truly understands email security and the complexities involved, as my gut tells me that a straightforward solution should exist. I'd love to hear your thoughts on whether I'm right to doubt the admin's capabilities or if there's more to this than meets the eye.
5 Answers
The way I see it, you need to speak to your admin directly about your concerns instead of just second-guessing. Misunderstandings can lead to unnecessary blame, and collaboration usually yields better solutions than gossiping in forums.
If your admin isn't familiar with common recovery processes for compromised accounts, that’s a red flag. It's critical for anyone in IT to know how to effectively manage security breaches. Maybe it’s time for them to get some training or for your business to consider more support staff.
Exactly! Some businesses even overlook the magnitude of these roles. It's essential that they get the right help.
It's possible your admin is overwhelmed. Handling IT for 250 people solo can lead to mistakes or oversights, especially if they're juggling multiple responsibilities. Maybe they genuinely believe the address can't be salvaged and aren't communicating that well.
That's a real possibility. It takes a lot of skill and time to manage a large organization effectively, and if they’re under-resourced, they could be getting overwhelmed.
I don't think the email address is completely toast. Usually, it's the domain that's blacklisted, not just one email. Resetting the password and providing training to the manager should help. It might take some time for the email address to clear the lists, but you can definitely still use it safely after taking the right steps.
Yeah, it might take a while for the address to go from being considered spam to being accepted again by mail servers, especially if it had major issues.
It sounds like this might be more about the reputation of your outbound emails. While there could be a legitimate reason behind the admin's response, it's definitely not accurate to say there's no way to secure the email again. Things like changing passwords and removing blocked addresses can often help.
Right, it could just be that your email is stuck in a spam filter for a while, so it’s worth looking into the admin's action plan more closely.
You’re spot on. Open communication is key. Don't assume malicious intent when it could just be ignorance or a knowledge gap.