You probably didn’t “choose” your current Microsoft 365 licensing setup. It happened one hire at a time, one add-on at a time, one quick fix at a time.

Then one day you look at the bill and think, “We are definitely paying for things we don’t use.” You’re usually right.

Why licensing gets messy in growing businesses

Microsoft 365 is sold per user (a “seat”), and most businesses add seats when they onboard people, contractors, temps, or new locations. The creep comes from a few predictable places:

  • Former employees still have licences. Offboarding wasn’t consistent, or someone wanted to keep access “just in case.”
  • People changed roles. The sales rep who needed a certain tool is now in ops, but kept the same plan.
  • Add-ons stuck around. A project needed something for 60 days, and nobody removed it.
  • Licences were assigned ad hoc. One admin assigns licences one way, another admin does it differently, and now you can’t tell what “normal” looks like.

The goal of a Microsoft 365 license review is simple: make sure each person has the lowest-cost licence that still lets them do their job, and remove anything that’s no longer needed.

Start with a clean list of “who should have a seat”

Before you touch plans and features, get the people list right. This is where most savings come from.

  • Active employees. Everyone currently on payroll who needs email, Teams, files, or Office apps.
  • Contractors and vendors. Decide who truly needs an account in your tenant versus guest access.
  • Shared accounts that should not exist. If you see “reception@” used by three people, flag it. Shared logins are a security and audit nightmare.
  • Former employees. Confirm they’re fully offboarded, or that there is a deliberate reason they still exist.

Microsoft’s admin guidance also pushes “least privilege” thinking for admin access. The same mindset applies here: give accounts and licences only where they’re needed, and no more.

Use the built-in usage reports to spot low-usage seats

Licensing arguments get emotional fast. Someone feels “called out,” or a manager insists everybody needs the top plan.

Usage reports help you keep it factual. In the Microsoft 365 admin center, there are usage reports that show activity over the last 7, 30, 90, or 180 days, including user activity for services like Exchange, OneDrive, and Teams.

A practical way to use those reports:

  • Find accounts with no recent activity. If someone hasn’t used email, Teams, or OneDrive in months, they probably shouldn’t have a paid seat.
  • Separate “light users” from “non-users.” A warehouse lead who only checks email on mobile may be a good candidate for a lighter plan. A departed employee is a removal.
  • Watch for seasonal roles. If you have interns or seasonal staff, build a repeatable process for adding and removing seats on a schedule.

This is also where you catch the classic mistake: licences assigned to accounts that exist only to forward mail, receive invoices, or act as a general mailbox.

Be careful with mailboxes, shared mailboxes, and “we can’t lose that email”

A lot of licence waste hides inside email.

Here are the common patterns, and what to check before you remove anything:

  • Shared mailboxes. A shared mailbox generally doesn’t require its own licence for basic use, but there are limits and exceptions (size limits, holds, and advanced compliance features can change the requirement). If you converted a user mailbox to a shared mailbox and left the licence attached, that is a frequent easy win.
  • Archive and retention needs. If you rely on archiving, litigation hold, or certain retention features, licensing can get specific. Don’t assume you can downgrade without consequences.
  • Inactive mailbox expectations. Some businesses want to preserve a former employee’s mailbox for legal, operational, or continuity reasons. That can be doable, but it needs to be a deliberate decision with the right licensing and process behind it.

The best approach is to make a short checklist for your offboarding process: what happens to the mailbox, what happens to OneDrive, who gets access (if anyone), and when the licence gets removed.

Right-size plans by role, not by title

Once you’ve removed obvious dead seats, the next savings come from aligning licence plans to what each role actually needs.

A simple way to do it is to define three or four “licence profiles” for your business. For example:

  • Frontline or light users. Web and mobile use, email, Teams, and files, but no need for the full desktop Office apps.
  • Knowledge workers. Full Office desktop apps, heavier Excel/PowerPoint use, and more time in Teams.
  • Power users or high-risk users. People who handle sensitive data, approve payments, or are frequent phishing targets (execs, finance, HR). These users often justify stronger security features.

Then, for each profile, decide:

  • What apps are required. Desktop apps versus web-only is often the biggest practical difference.
  • What security is required. Some security capabilities are bundled in higher plans, or available as add-ons.
  • What compliance is required. If you have retention or eDiscovery needs, confirm those requirements before changing anything.

This is where you stop paying for “everyone gets the best plan” when only a small group truly needs it.

Standardise how licences are assigned (so the mess doesn’t come back)

Even a great clean-up will drift again if licences are assigned manually, person by person, with no standard.

Microsoft supports assigning licences through group-based licensing, managed in the Microsoft 365 admin center. In plain English, you create groups like “M365-Business-Premium” or “M365-Business-Basic,” put users in the right group, and licensing follows the group.

That gives you three benefits right away:

  • Consistency. New hires get the right licence because HR or IT puts them in the right group.
  • Speed. You can onboard and role-change people without hunting through checkboxes.
  • Auditability. When someone asks “why does this person have that licence,” you can point to the group and the role definition.

Also, keep admin access tight. Microsoft’s own admin role guidance is clear that highly privileged roles should be limited, and you should assign the least privileged role needed for the task. That reduces the risk of accidental changes to billing and licensing.

A review cadence that actually sticks

A Microsoft 365 license review shouldn’t be a once-a-year scramble right before renewal. You’ll miss savings, and you’ll be tempted to rush changes.

A simple cadence that works for most growing businesses:

  • Monthly (15 minutes). Check for terminated users still enabled and still licensed.
  • Quarterly (60 minutes). Review usage reports, role changes, and any add-ons.
  • Before renewals (2 to 3 weeks ahead). Confirm headcount forecasts, planned hires, and any projects that need temporary licences.

If you do just that, your Microsoft 365 bill becomes predictable, and you stop paying for ghosts.

Want a second set of eyes?

Licence reviews are one of those jobs that feels easy until you hit a “wait, what breaks if we remove this?” moment.

If you would like help running a Microsoft 365 license review and setting up a clean, repeatable licensing process, the Flexnet Networks team can help you get it sorted.

Sources