Login to your CloudSOC tenant with a Sysadmin account
Go to the Store tab
Hover over the Office 365 Securlet and select Configure
Take a screenshot of the configuration page, to use if you are planning on reactivating the securlet
If reactivating it is sometimes easier to copy the fields into a text document to allow for copy and paste.
On the Configure Securlet page do not check the Purge Data check box and click deactivate (Only one O365 account can be active to deactivate. Remove all extra accounts before deactivating the Securlet).
If you want to clear all data, click the Purge Data check box before deactivation. This will remove all record of scanned files but will not remove Users or any incidents that have been recorded while the Securlet was active
If you plan on reactivating the tenant at another time do not choose the Purge Data option unless you want a new scan of the environment on re-activation.
After deactivation wait at least 30 minutes before trying to re-activate the Securlet.
If deactivation is needed right after activation, wait another 30 mins before deactivating again.