Microsoft 365 has become the method of choice for organisations to store and share critical data.
Microsoft cloud services are built on a foundation of trust and security. Microsoft provides security controls and capabilities to help you protect your data and applications, however, these are often misconfigured or overlooked.
You own your data and identities and you also have the responsibility for protecting them. This includes the security of your on-premise resources, along with the security of cloud components you control within Microsoft 365.
Any flavour except vanilla
Sometimes, Microsoft 365 settings are left at default and in many cases left dangerously insecure, often by following a ‘vanilla’ MSP installation or without due security consideration during deployment.
Consequently, attackers are taking advantage of these poor deployments with alarming regularity. Malicious actors will commonly use phishing campaigns and leverage configuration weaknesses to maintain unauthorised access and exfiltrate data without detection.
MFA everything
We recommend using Multi-Factor Authentication (MFA), Mobile Device Management (MDM), Azure Information Protection (AIP), Microsoft Information Protection (MIP) and we assess the risk of Data Loss Prevention (DLP).
Measure it
The current configuration is correlated and analysed against Cognisys’ bespoke specification, based on Microsoft’s Secure Score and recommended best practices.
Appropriate recommendations can then be extrapolated. Our review aims to highlight the issues that allow attacks, breaches or losses to occur.
Report
Cognisys presents its findings in a comprehensive yet simple report format.
This typically comprises of an executive summary, methodology, technical findings, and prioritised recommendations for remediation.
Key benefits of our Microsoft 365 tenant review
Tailored to your organisation and where appropriate, we undertake a review of the following areas:
- Authorisation and access management
- Conditional access policies
- Multi-Factor Authentication (MFA)
- Mobile Device Management (MDM)
- Azure Information Protection (AIP)
- Microsoft Information Protection (MIP)
- Application protection policies
- Audit logging
- Document and email protection
- Identity protection
- Detection and investigation of security incidents
Let’s make things happen
Fill in the form and one of our team will be in touch for a no-obligation discussion or quote regarding your requirements.
info@cognisys.co.uk
Leeds office
5 Park Place
Leeds
LS1 2RU