https://store-images.s-microsoft.com/image/apps.40403.6bfa7519-b8c5-4c4b-a36a-f5be08e70ab1.a66d5182-35a5-4cc3-bec4-55f0873a0917.a5d9b977-0125-4488-9fb1-5dc549aeecf9

EPAM Microsoft 365 Security: 4-Week Assessment

EPAM

• EPAM's Microsoft 365 Security Assessment uses a combination of various industry best practices and frameworks to understand current security posture, critical gaps and future state of Microsoft 365

• This assessment is an effective way to gain valuable insights into an enterprise Microsoft 365 environment. It will give a holistic IT and security posture report with best-in-market recommendations.
• OBJECTIVES
	○ Assess the current security posture of all Microsoft 365 components. Answer the questions: “Is the customers and their data safe?” and “What are the top gaps by criticality?”
	○ Provide roadmap and suggested hardening steps for Microsoft 365 security using proven SecOps approach
• SCOPE
	○ Conduct workshops and interviews with SMEs and Stakeholders
	○ Assess Microsoft 365 tenant against security best practices, NIST,CIS,CMM benchmarks
	○ Assess information governance and data flows
	○ Review Identity governance, Azure AD
	○ Review Exchange, Sharepoint, OneDrive, Teams, MDM/MAM, MCAS, MDATP, Flows, IRM, DLP, Archives, eDiscovery, Message management, Compliance Center, MFA, Teams, Power BI, Dynamics365, encryption configuration settings
	○ Documentation review and cross-check against Microsoft 365 security implementation
	○ Review operational procedures (ondoarding, offboarding, security SOP, others) based on ITIL framework
	○ Backlog development and create a roadmap for hardening Microsoft 365 services
• WHY NOW?
	○ Performing a risk assessment of a Microsoft 365 is now more critical than ever before. It allows you to understand the full threat landscape: on-prem and cloud tenants. The risks and vulnerabilities to the organization will change over time; however, if the organization continues to follow a risk assessment methodology, it will be in an excellent position to address any new risks and vulnerabilities that arise
	○ Huge utilization of Microsoft 365 as well as the fact that cloud users, admins, and "violators" all working from home and outside of the perimeter, all familiar and brand-new security risks increase disproportionally.
	○ Performing a risk assessment for Microsoft 365 is about validating current Security Controls and

Sekilas

https://store-images.s-microsoft.com/image/apps.44173.6bfa7519-b8c5-4c4b-a36a-f5be08e70ab1.a66d5182-35a5-4cc3-bec4-55f0873a0917.dcc8b229-ba56-4381-abb9-99c3ca4a6c04
https://store-images.s-microsoft.com/image/apps.49335.6bfa7519-b8c5-4c4b-a36a-f5be08e70ab1.a66d5182-35a5-4cc3-bec4-55f0873a0917.39733cae-30c2-4367-ac7a-6a97366c2a0b