Overview: Remove a former employee and secure data
Check out Microsoft 365 small business help on YouTube.
A question we often get is, "What should I do to secure data and protect access when an employee leaves my organization?" This article series explains how to block access to Microsoft 365 so these users can't sign in to Microsoft 365, the steps you should take to secure organization data, and how to allow other employees to access email and OneDrive data.
Before you begin
To complete the steps in this series, you use these Microsoft 365 capabilities and features.
| Product or component | Capability or feature |
|---|---|
| Microsoft 365 admin center | Convert mailbox, forward email, revoke access, remove user |
| Exchange admin center | Block user, block access to email, wipe device |
| OneDrive and SharePoint | Give access to other users |
| Outlook | Import pst files, add mailbox |
| Active Directory | Remove users in hybrid environments |
Solution: Remove a former employee
Important
Although we've numbered the steps in this solution and you don't have to complete the solution using the exact order, we do recommend doing the steps this way.
| Step | Why do this |
|---|---|
| Step 1 - Prevent a former employee from logging in and block access to Microsoft 365 services | This blocks your former employee from logging in to Microsoft 365 and prevents the person from accessing Microsoft 365 services. |
| Step 2 - Save the contents of a former employee's mailbox | This is useful for the person who is going to take over the employee's work, or if there is litigation. |
| Step 3 - Wipe and block a former employee's mobile device | Removes your business data from the phone or tablet. |
| Step 4 - Forward a former employee's email to another employee or convert to a shared mailbox | This lets you keep the former employee's email address active. If you have customers or partners still sending email to the former employee's address, this gets them to the person taking over the work. |
| Step 5 - Give another employee access to OneDrive and Outlook data | If you only remove a user's license but don't delete the account, the content in the user's OneDrive will remain accessible to you even after 30 days. Before you delete the account, you should give access of their OneDrive and Outlook to another user. After you delete an employee's account, the content in their OneDrive and Outlook is retained for 30 days. During that 30 days, however, you can restore the user's account, and gain access to their content. If you restore the user's account, the OneDrive and Outlook content will remain accessible to you even after 30 days. |
| Step 6 - Remove and delete the Microsoft 365 license from a former employee | When you remove a license, you can assign it to someone else. Or, you can delete the license so you don't pay for it until you hire another person. When you remove or delete a license, the user's old email, contacts, and calendar are retained for 30 days, then permanently deleted. If you remove or delete a license but don't delete the account, the content in the user's OneDrive will remain accessible to you even after 30 days. |
| Step 7 - Delete a former employee's user account | This removes the account from your admin center. Keeps things clean. Emails to the former employee's user account will not be received. |
Watch: Delete a user overview
Check out this video and others on our YouTube channel.
Does your organization use Active Directory?
If your organization synchronizes user accounts to Microsoft 365 from a local Active Directory environment, you must delete and restore those user accounts in your local Active Directory service. You can't delete or restore them in Microsoft 365.
To learn how to delete and restore user account in Active Directory, see Delete a User Account.
If you're using Microsoft Entra ID, see the Remove-MgUser PowerShell cmdlet.
Related content
Restore a user (article)
Add a new employee to Microsoft 365 (article)
Assign or unassign licenses for users in the Microsoft 365 admin center (article)
Remove-CalendarEvents