Microsoft 365 Security Assessment: 3-Week Assessment

Spyglass’s 3-Week Microsoft 365 Security Assessment captures your current security state and documents a plan to safeguard your entire organization with Microsoft’s integrated security, compliance, and identity solutions built to work across the Microsoft 365 platform. The focus of the $35k assessment is to determine specific configurations, architectures, and solutions that will maximize return on investment from already purchased licensing and to meet the unique use cases and requirements needed to conduct business securely using the licensed Microsoft 365 solutions. The solutions include all of the Microsoft 365 console configurations, Defender Products, Microsoft Endpoint Management, Azure AD premium components, Information Protection, and Compliance monitoring. The Spyglass methodology allows for recommendations to be tailored to the specific requirements and use cases currently in place as well as the future needs of the company. Recommendations made are aligned to the Cloud Security Alliance (CSA) Cloud Controls Matrix (CCM). For this assessment, we will complete discover sessions across many different security domains and perform a configuration review of cloud environments.

Assessment Agenda: · Pre-engagement Discussions · Discovery sessions that deep dive into each domain. · Console and Portal reviews to validate configurations · Defining desired or future state objectives discussions · Deliverable and recommendation creation

Spyglass will focus our assessment on the following security domains: · Governance and Risk · Identity and Access Management · Architecture · Data Protection · Threat Detection and Visibility · Incident Response · Application Security · Infrastructure Security · Management Plane and Business Continuity · Legal · Compliance and Audit Management

Assessment Deliverables: Recommendations Document, Remediation Roadmap, and an Executive Summary presentation.