Service Summary

Secure your business data and protect users from common cyberattacks

Typical Benefits

Make more informed, data driven decisions about the risks and security of your Microsoft Office products and services
Reduce Risk of fines, data breaches, theft, and brand and reputational damage
Better utilise existing tools and configurations built into your current Microsoft services
Quickly access relevant expertise to take action and resolve any identified risks and concerns

Overview

Office 365 Built-in Protection

In 2019 the UK Government reported that 32% of UK Businesses suffered a cyber attack or data breach in the last 12 months. 

Out of the box, Office 365 has a fantastic array of tools to mitigate many of these common threats and cyberattacks however they are not enabled by default. Whilst some features do require specific licences, there are a large number of security settings that can be enabled on any Office 365 subscription.

Recommendations for all Office 365 subscriptions

Regardless of which subscription you have with Microsoft, there are a number of key security features that can be enabled. By configuring these settings, you can dramatically increase your security posture and reduce the risk to your teams and your business data.

There are over 50 built-in controls available to;

Protect your Users from identity impersonation – (28% of UK businesses have suffered identity impersonation attacks in 2019)

Safeguard your business Emails from internal and external threats – (80% of UK businesses have suffered phishing email attacks in 2019)

    • Set internal and external sharing policies for your business files
    • Configure Office 365 global security settings
    • Enable Backup for files on local machines into OneDrive for Business

This list is by no means exhaustive but simply to highlight a number of features that are available to Office 365 subscribers but not enabled by default.

Source: https://www.gov.uk/government/statistics/cyber-security-breaches-survey-2019

Our Microsoft Office 365 Security Check:

Built from our experience and also using guidelines from the UK Government National Cyber Security Centre, we have developed a 50 point health-check to assess the security of your Office 365 configuration

The security assessment reviews of configurable security settings across;

  • Azure Active Directory; the hub for identity and password control in Office 365
  • Exchange Online; responsible for email messaging and calendars
  • Sharepoint and Onedrive; the home of your business data in the Office 365
  • Global System configurations; security policies applied to the wider tenant

 

Service Delivery Experts

Scott Riley

Our Requirements of You

* Ensuring an executive sponsor from your organisation is allocated to the engagement, communicates the rationale behind it and signs off any ‘Terms of Reference’.
* Assisting in all possible ways to ensure that a contract, (and confidentiality agreement where necessary) is in place, in advance of any work commencing.
* Ensuring all support is in place and access is granted for “view-only” access to relevant Microsoft technologies, all and any required data, processes, policies, and nominated resources to enable successful delivery of the engagement.

Our Commitments to You

* Provide support throughout service delivery using our World Class Professionals and Subject Matter Experts.
* Provide a high quality deliverable in a timely manner and in line with agreements upon engagement with the client.
* Provide deep insights and genuine value-add in all possible areas throughout the engagement.
* Provide progress updates and feedback at regular intervals, agreed in advance or at the engagement ‘kick off session’.
* Respect all personal and professional development of client team members throughout the engagement.

Deliverables

We’ll produce a 50 point check-list report which will show you;

The Severity Level 

How serious is the risk of not having this element configured properly?

The Attack Kill Chain

i.e. where does this risk occur and is the appropriate protection in place;

  • Is it Pre-Breach i.e. before an attacker gets in; or
  • Post-Breach, alerting you that something has happened which needs investigation; or 

Immediate action to be taken.

Outcomes

With our report and guidance in hand, you’ll have a full view of the current risks and what actions need to be taken to secure your Office 365 configuration

Available Service Engagement Models

*This service may be engaged via multiple engagement model options to provide maximum flexibility.

Project Based Engagement

Project based engagements operate on the basis of agreeing work and any outcomes or milestones for delivery in advance of commencement of any engagement in a ‘Statement of Work’. Prices are fixed for the agreed deliverables and should changes be required, these may incur changes to delivery costs. Payment for Project Based Engagements are agreed on a case-by-case basis, giving consideration to risk, contract value, client payment history, relationship longevity and duration.

Network Units

Network Units enable complete flexibility around any engagement. When using Network Units, clients can swap and change delivery experts, scope and duration of engagements in a frictionless manner with very little notice, in line with the quantity of Network Units purchased. Network Units can be purchased in blocks of any size and at any time and are billed in full at point of purchase.

Focus In On: Responsible for Cyber Security / CISO

New Areas of Value:

Make more informed, data driven decisions

Reduce Risk of fines, theft & Reputational Damage

Better Asset Utilisation & Reduced Waste

Improvements around:

Lack of Asset Management

Lack of access to relevant expertise

Relevant Business Perspectives