Is external forwarding in Exchange a security risk? #M365AMA

In this episode, the #M365AMA panel discusses the following community question:

“We’ve got a company email account “”support@”” that needs to forward to 1 external Gmail address (leave a copy in the inbox). The IT department is telling our boss “”external forwarding is a huge security issue”” I suspect think the IT company just doesn’t want to turn on the “”allow individual inbox forwarding”” and we suspect that’s maybe because he’s stuffing the license
what are your thoughts here?
1- is simple forwarding, while leaving the local copy in the inbox, really a big security issue that a simple non-government company would have to worry about?
2- is it possible that they are reselling the same license for multiple companies on the same box?”

Check out the discussion here:


Participating in this discussion were:

Some relevant notes/links shared by the team:

Christian Buckley

Christian is a Microsoft Regional Director and M365 Apps & Services MVP, and an award-winning product marketer and technology evangelist, based in Silicon Slopes (Lehi), Utah. He is the Director of North American Partner Management for leading ISV Rencore (, leads content strategy for TekkiGurus, and is an advisor for both revealit.TV and WellnessWits. He hosts the monthly #CollabTalk TweetJam, the weekly #CollabTalk Podcast, and the Microsoft 365 Ask-Me-Anything (#M365AMA) series.