EPAM Microsoft 365 Security: 4-Week Assessment

• This assessment is an effective way to gain valuable insights into an enterprise Microsoft 365 environment. It will give a holistic IT and security posture report with best-in-market recommendations.
• OBJECTIVES
	○ Assess the current security posture of all Microsoft 365 components. Answer the questions: “Is the customers and their data safe?” and “What are the top gaps by criticality?”
	○ Provide roadmap and suggested hardening steps for Microsoft 365 security using proven SecOps approach
• SCOPE
	○ Conduct workshops and interviews with SMEs and Stakeholders
	○ Assess Microsoft 365 tenant against security best practices, NIST,CIS,CMM benchmarks
	○ Assess information governance and data flows
	○ Review Identity governance, Azure AD
	○ Review Exchange, Sharepoint, OneDrive, Teams, MDM/MAM, MCAS, MDATP, Flows, IRM, DLP, Archives, eDiscovery, Message management, Compliance Center, MFA, Teams, Power BI, Dynamics365, encryption configuration settings
	○ Documentation review and cross-check against Microsoft 365 security implementation
	○ Review operational procedures (ondoarding, offboarding, security SOP, others) based on ITIL framework
	○ Backlog development and create a roadmap for hardening Microsoft 365 services
• WHY NOW?
	○ Performing a risk assessment of a Microsoft 365 is now more critical than ever before. It allows you to understand the full threat landscape: on-prem and cloud tenants. The risks and vulnerabilities to the organization will change over time; however, if the organization continues to follow a risk assessment methodology, it will be in an excellent position to address any new risks and vulnerabilities that arise
	○ Huge utilization of Microsoft 365 as well as the fact that cloud users, admins, and "violators" all working from home and outside of the perimeter, all familiar and brand-new security risks increase disproportionally.
	○ Performing a risk assessment for Microsoft 365 is about validating current Security Controls