Long description | Microsoft 365 Security Beyond Service. |
Active | 1 |
Ask an expert
Description #
We will perform all the necessary configurations of your tenant to set up basic secured environment.
Our objective is to provide a plan and design a way to enable core Microsoft 365 security features. The project will be considered successful when all user data is fully migrated from Gmail and Google Drive to the Microsoft 365 tenant.
We take time to understand your business needs and assess the best tools and solutions. Our company provides service to small and large organizations and across many industries, helping them create, implement, and manage their cybersecurity tools and processes.
Depending on your organization's size, business model, and regulatory environment, your endpoint solution must be tailored to your company.
Our team of experts is standing by to provide expertise and unbiased guidance on the best way to implement endpoint detection and response in your security architecture.
IT Partner responsibilities #
- Gather information about your current tenant and security configurations
- Perform core configuration of your Microsoft 365 tenant: a. Basic admin protections b. Logging and analytics configuration c. Basic identity protection setup
- Checking security score and configuring it up to 75%
- Enforcing Threat Protection, e.g. connecting M365 to MS Defender for Cloud Apps
- Configuring Azure Active Directory Identity Protection
- Configuring Teams with three tiers of protection (including sharing, classification, data loss prevention, and Azure Information Protection)
- Microsoft Sentinel Initial configuration (e.g. basic M365 connectors)
- At least monthly check ups of dashboards and reports in the Microsoft 365 Defender portal, Defender for Cloud Apps.
- Look for and implement software updates.
- Look for sharing risk by reviewing the built-in reports in Defender for Cloud Apps (on the Investigate tab).
- Configure Privileged Access Workstations (PAWs) for admin activity.
- Configure Entra ID Privileged Identity Management.
- Configure a security information and event management (SIEM) tool to collect logging data from Office 365, Defender for Cloud Apps, and other services, including AD FS. The audit log stores data for only 90 days. Capturing this data in SIEM tool allows you to store data for a longer period.
- Enable and enforce MFA for all users.
- Implement a set of conditional access and related policies.
- Conduct attack simulations for spear-phishing, password-spray, and brute-force password attacks using Attack simulation training (included with Office 365 Threat Intelligence.
- Look for sharing risk by reviewing the built-in reports in Defender for Cloud Apps (on the Investigate tab).
- Continue to regularly review dashboards and reports in the Microsoft 365 Defender portal, Defender for Cloud Apps, and SIEM tools.
- Continue to look for and implement software updates.
- Integrate eDiscovery into your legal and threat response processes.
- Implement Secure Privileged Access (SPA) for identity components on premises (AD, AD FS).
- Use Defender for Cloud Apps to monitor for insider threats.
- Discover shadow IT SaaS usage by using Defender for Cloud Apps.
- Refine policies and operational processes.
Use Entra ID Identity Protection to identify insider threats.
Client responsibilities #
- Coordinate Client resources and staff schedules
- Provide a dedicated point of contact responsible for working with IT Partner
- Coordinate any outside vendor resources and schedules
- Perform changes to internal and external DNS, as required
- Configure all network equipment, such as load balancers, routers, firewalls, and switches
- Review and approve engagement deliverables in a timely manner
- Assist with identification of high-risk users (admins, top executives and VIP users)
- End user support
Additional cost items not provided by the project #
- Additional licenses that may be required
- Customer team training (could be added as an additional service)
- Corporate documents migration to SharePoint Online (could be added as an additional service)
- Desktop software settings
- Information Security Advisory services (could be added as an additional service)
Upon completion of the project, we will provide a project closeout report. This document will indicate the final project status, including acceptance criteria matching, outstanding issues (if any), and the final budget. If you require more extensive documentation, it can be provided for an additional fee.
This service offers a simple, secure, and cost-effective way to enable a secured environment.
Prerequisites #
- You must have a Microsoft 365 tenant
Plan #
The plan may vary depending on your needs.
- Kickoff meeting
- Security scope check and current configuration assessment
- User creation or AD connect tool configuration
- Security configuration start
- Security settings verification
- Security score verification
- Final email
- Verification and fixing of issues, if any
Success Criteria #
- Security score 75%. User can access Security Portal and confirm this.
- Validated Threat protection settings
- Validated Identity and access management settings
- Exchange Online Protection is configured and working
- Teams protection is configured