WHAT IS O365 SECURITY ASSESSMENT?
Office 365 audit consists of following 3 main activities and many sub activities:
1. Active Directory and Azure AD Hybrid identity assessment for Office 365 authentication.
Synchronization services setup and location;
Synchronization Accounts and permissions;
User authentication flow and options;
High availability of synchronization tools;
Authentication setup and configuration (assessing whether appropriate tools are being used in current deployment);
Password policies and non-expiring passwords;
Errors in synchronization tools and possible solutions.
2. Office 365 configuration assessment
Office 365 Admin accounts and permissions
Office 365 Multi-Factor Authentication for Azure AD privileged roles and users
Auditing configuration and reports
External communication setup for Skype or Teams
Skype or Teams security configuration
SharePoint and OneDrive External sharing report
SharePoint sites permission report
Recommendations for data protection
Office 365 Exchange online configuration – mailbox delegation, automatic forwarding rules, calendar sharing, mailbox auditing.
Office 365 assigned licenses
3. Overall recommendations for security hardening and best practices.
WHAT ARE REQUIREMENTS TO RUN SERVICE?
To perform O365 security assessment, we need 2 things:
1. Remote access to your environment;
2. Domain Administrator account with permissions on AD Synchronization servers and Office 365 Global Admin account for Office 365 Assessment.
WHAT DO I GET?
As a result of our activities, we will prepare for you O365 security audit report, which will include:
1. Active directory Synchronization services evaluation and recommendations for security hardening;
2. Office 365 configuration evaluation and recommendations of security hardening and best practices:
Management best practices.
3. On top of documentation, we will run presentation via on-site or online meeting.
We are happy to share our knowledge, experience and expertise. Let us know what you need, and we will contact you directly.