Which Microsoft 365 option is right for my business?
A plain-language guide. No technical jargon. Just a straight answer.
The question in simple terms
When SoftSol manages your Microsoft 365 environment, we need administrative access — just like a building manager needs a master key. The question is: how do you keep that access safe and accountable?
We offer two approaches. Think of them like this:
🔒 Option A — The Key Safe
SoftSol does not hold a key at all. When we need access, we have to formally request it, explain why, and you (or your IT person) must unlock the key safe and hand it over. The key is automatically returned after a set time. Maximum control, but someone at your company must be available to approve each request.
📹 Option B — The CCTV System Recommended
SoftSol holds a key, but every time it is used, a security camera records exactly what happened — and that recording is stored off-site where nobody can erase it. You receive an immediate alert whenever the key is used. Strong accountability, zero effort from your side.
How safe is each option?
Both options are significantly safer than having no framework at all. The difference is how safety is achieved.
| Question | 🔒 Option A Key Safe (GDAP/PIM) |
📹 Option B CCTV (Audit Trails) |
|---|---|---|
| Can SoftSol access your emails right now? | No — not without approval | Yes, but every access is recorded |
| Will you know if something is accessed? | Yes — you approve it first | Yes — instant alert sent to you |
| Can records be altered or deleted? | Logs exist, but access was never granted in the first place | No — stored off-site, tamper-proof |
| Does someone at your company need to respond to requests? | Yes — every single time | No — runs automatically |
| What happens if nobody responds to an approval request? | SoftSol cannot perform the task — work is delayed | Not applicable — no approval needed |
| Is an audit trail available for compliance / insurance? | Yes | Yes — comprehensive and external |
| Protects you if SoftSol ever acts inappropriately? | Yes — access was never granted | Yes — irrefutable evidence on record |
Most businesses — choose this
📹 Option B is right for you if…
- ✓You run a small or medium-sized business
- ✓You do not have a dedicated full-time IT manager on staff
- ✓You want accountability without adding to your team’s workload
- ✓You need something that works automatically in the background
- ✓You want an independent audit trail for compliance or cyber insurance
- ✓You need SoftSol to respond quickly without delays waiting for approvals
Bottom line: you get strong protection and full transparency, completely passively. It just works.
Larger organisations — consider this
🔒 Option A is right for you if…
- ✓You have a dedicated, full-time IT administrator or security officer
- ✓That person is available to respond to access requests within minutes
- ✓You operate under strict data-isolation requirements (e.g. legal or financial)
- ✓You require that no administrative access ever occurs without prior sign-off
- ✓Regulatory requirements specifically mandate just-in-time access controls
Important: if your IT person is unavailable, SoftSol cannot perform urgent tasks. This requires reliable internal resource.
Our honest recommendation
For the vast majority of SoftSol clients — businesses with 5 to 200 staff who outsource their IT entirely or partially — Option B (Immutable Transparency) is the better choice. It delivers the same peace of mind that your environment is being managed honestly and accountably, without adding any internal workload or risk of service delays.
Option A is a powerful framework, but it is designed for environments where there is a capable, available person inside your organisation whose job includes reviewing IT access requests. For most small businesses, that person does not exist — and choosing Option A without them means either approvals go unanswered or the entire system is bypassed in practice.
Not sure which applies to you? Call us and we will tell you honestly within five minutes.