Microsoft 365

What Is It?

Microsoft 365 is a suite of applications, enterprise services and cloud based products to help organisations be more collaborative as well as productive. This entails conventional applications such as access to online and desktop versions of Microsoft’s Office suite but also collaboration tools such as Teams, OneDrive, SharePoint as well as central services such as Exchange and Power BI for example.

Why Assess It?

There are many reasons to conduct a Microsoft 365 security assessment, five of which are below.

Enforce Robust Authentication

As organisations utilise more cloud services it is important to ensure the same authentication standards are adhered to without adding complexity or introducing security vulnerabilities. Undertaking a security assessment of your Microsoft 365 configuration allows you to be confident in only permitting access to the right resources for the right people at the right time.

Secure Organisational Data

Your organisations data will be processed in the cloud and using services and resources which have not been developed solely for your organisation. It is important to ensure that your instances of each service have been configured in line with your risk appetite and meets your security expectations.

Increase Collaboration

With increased collaboration comes the risk of loss of control over your data. Collaboration should not be stifled by security. When security is effective it can actually support and encourage greater collaboration because users have the clarity and confidence in how they can work. As an organisation you can empower the users without overbearing restrictions or lengthy policies to adhere to, instead favouring robust technical controls.

Conform to Compliance

An assessment will assist with compliance, such as meeting your organisations internal security standards as well as reducing the likelihood of fines being imposed in the event of a security incident. The UK’s Information Commissioners Office (ICO) can issue fines up to £17.5m or 4% of global annual turnover, whichever is higher.

Increase Efficiency

With increased usage of cloud services the additional security products bundled inside the tiered offerings is often overlooked. Conducting a security assessment ensures you are aware of all security beneficial features available to your organisation and can deploy them to their greatest effect. Efficiency is also gained by simplifying security tasks using cloud native functionality, meaning your teams will have less of an administrative burden and can react faster to any security events.

The Agility Cyber Approach

Like all our engagements, we want you to get the most out of your Microsoft 365 security assessment and we do this by:

Knowledge Sharing

We do not just look at the configurations set in the services you are using. We bring a wealth of knowledge and experience to your organisation and show you where additional services and functionality which is already available can be used to uplift your security posture.

Threat Actor Viewpoint

When looking at the services we always have the threat actor perspective to consider, allowing us to identify functionality that does not look to apparently affect security on the face of it but can be leveraged as part of an attack chain.

Understanding Your Organisation

Every organisation is different and how you utilise Microsoft 365 will differ as well. We factor this in so we make the right recommendations.

Actionable Recommendations

We do not give high level abstract suggestions. Our recommendations guide you through remediating the vulnerability including any wider context about how it might impact the organisation, such as requiring encryption to be turned on elsewhere for example.

Tooling Up Teams

Whilst a human based review will always offer a better level of assurance, we believe in supporting your organisations security as much as possible. This is why we advise on open source security tooling that, whilst not able to pick up every vulnerability, can be run by your internal teams to keep the common risks at bay and allow you to have continued confidence in your Microsoft 365 environment.

Benefits of Partnering with Agility Cyber

Mutually Invested

Our experts work with you, not against you. There are no egotistical celebrations when a serious issue is discovered, just rapid full disclosure with pragmatic suggestions for effective remediation followed by ongoing support.

Clarity and Simplicity

We always provide clarity, believe in simplicity and value your time. An example is rather than waiting until the engagement starts, we will conduct open source intelligence gathering activities before the scoping meeting to help us understand your organisations position and risk posture thus enabling us to ask better questions, securing you higher value and saving you time.

Full Consultancy

Our team, based in the UK, is technically exceptional but we pair that with business sense to discover, triage and help you remediate the full range of security issues.

Impartiality

We are impartial, we do not sell you products or the latest buzzword laden trending solution.

Outstanding Service

We have an industry leading turnaround, agility is in our name after all. Proposals are shared with you within 24 hours of the scoping meeting. Accurate and complete daily debriefs are given during every engagement. The report is shared within 5 working days at the latest.

Scroll to Top