Why Microsoft 365 Email? 

Memorial’s current email environment consists of multiple email systems. It is complex, costly, and difficult to support. Microsoft 365 email is a cloud-based email service that will allow Memorial to standardize technology, increase security, reduce costs, create efficiencies and improve email and collaboration across all Microsoft 365 tools.   

What is the quota for Microsoft 365 Email? 

The storage quota for Microsoft 365 email is 10GB. 

Who will get Microsoft 365 email? 

Microsoft 365 email is Memorial’s email environment for faculty and staff. All employee mailboxes will be migrated to Microsoft 365 email over the coming months, beginning with user mailboxes that are currently in Memorial’s on-premise Microsoft Exchange environment.  

Will this change impact student and alumni email services? 

Students and alumni will continue to use the Google-provided MUNmail service at this time.

Will this change impact retiree email services? 

Microsoft 365 email will be provided to retired employees. Due to licensing restrictions, retirees will not receive access to other Microsoft 365 applications and features (e.g. OneDrive, Teams, Office download, etc.). 

When will this change affect me? 

Phase one of the project will migrate mailboxes currently in the Microsoft Exchange on-premise environment to Microsoft 365 email. It is anticipated phase one will be complete by the end of 2024. 

Phase two will focus on migrating faculty and staff mailboxes currently in Webmail/IMAP and Google MUNmail. 

While the project plan involves working with key contacts and migrating user mailboxes unit by unit, users can request to have their mailbox migrated at any time by contacting the IT Service Desk.  

What is multifactor authentication (MFA)? 

Multifactor authentication requires users to provide more than one form of identity verification before accessing a service. In addition to entering a username and password, MFA for Microsoft 365 email will prompt faculty and staff to confirm their identity using a supported mobile app or a hardware token, ensuring that only authorized users can gain access to the service. A hardware token does not require a mobile device and can be provided to employees if needed.  

MFA is a key component of Memorial’s cybersecurity program. It significantly reduces the impact of compromised passwords and helps protect Memorial from cyber-attacks.   

What devices can be used for MFA? 

Mobile Device (recommended) 

MFA uses the Microsoft Authenticator mobile app on your iOS or Android device. The mobile app does not track your location, nor does it provide the university with any personal information about you or your devices. This lives on your phone and does not require an internet connection. Please note that the use of the Microsoft Authenticator app on your mobile devices does not provide Memorial with control over the device and Memorial cannot wipe a personal device. 

Hardware Token 

Faculty and staff can request a hardware token which is a physical device used to verify your identity. Hardware tokens do not require an internet connection to work. The hardware token provided can be used for second factor authentication for both Microsoft 365 services and VPN remote access. Contact the IT Service Desk to request a hardware token for Microsoft 365.  

How will I access my email? 

From MUN-managed workstations, users can use Microsoft Outlook for Desktop client application software (Windows and Mac). 

From mobile devices, users can use Microsoft Outlook for Mobile app (iOS and Android). Please note that Memorial has no control over mobile devices used to access @mun.ca email and Memorial does not have the ability to wipe a personal device. 

Users can also access their email from a web browser by going to https://outlook.office.com/.  

Can I use an email client other than Outlook? 

Outlook for Desktop (Windows and Mac) and Outlook for Mobile (iOS and Android) are recommended because of the enhanced security features they provide users with when accessing their email. The Outlook clients are also the only supported email clients when you contact the IT Service Desk. 

Users can request the use of an alternative client that supports OAuth 2.0 Modern Authentication by contacting the IT Service Desk. Requests will be reviewed on a case-by-case basis and must include the name and version of the email client and the rationale for the request.   

What about a desktop client for Linux? 

Linux users can access their Memorial email from a web browser by going to https://outlook.office.com/.  

Linux users can request the use of a desktop client that supports OAuth 2.0 Modern Authentication by contacting the IT Service Desk. Requests will be reviewed on a case-by-case basis and must include the name and version of the email client and the rationale for the request.  

Can I access my email from a personal device (i.e. non-Memorial managed)? 

Yes. You can login to https://outlook.office.com/ and access your Memorial email from a personal device.   

Will shared mailboxes / general email addresses be migrated to Microsoft 365 email? 

Yes. The project manager will work with units to identify and migrate the mailboxes while minimizing any disruption. 

How secure is my email and other data (e.g. research data) in Microsoft 365? 

Microsoft takes strong measures to protect customer data from inappropriate access or use by unauthorized persons, and to prevent customers from gaining access to one another’s data. You can review Microsoft’s policies on data management at:  

Data Management at Microsoft, https://www.microsoft.com/en-us/trust-center/privacy/data-management.  

Microsoft Office 365 Data Access, https://products.office.com/en-us/legal/docid24.  

Contact Memorial’s Office of the CIO if you have security or information protection questions or concerns.  

Where can I find information about Microsoft’s privacy policies? 

You can view Microsoft's Privacy Statement. You can contact Memorial’s Information Access and Privacy Office if you have privacy questions or concerns.   

Will my email and other Microsoft 365 data be stored in Canada?  

Microsoft has data centres located in Canada; however, Microsoft will not guarantee Memorial’s email and other data will be stored in its data centres in Canada. A cloud assessment and a privacy impact assessment were completed on Microsoft 365, and Microsoft 365 meets Memorial’s contractual, privacy, security and information protection requirements.  

Should I be concerned about US law enforcement or laws such as the Patriot Act? 

Microsoft conforms with privacy best practices and international standards such as ISO/IEC 27018 Code of Practice for Protecting Personal Data in the Cloud. When law enforcement organizations demand access to data stored by Microsoft, Microsoft refers them to their customer (unless Microsoft is prohibited by law enforcement to notify their customer). It will then be up to the Memorial to determine how to address such requests. Memorial’s Access to Information Request process is then followed which would be the same process followed if the data was stored on-premise.