Office 365 Complete Protection
If you are an Office 365 administrator or are in charge of your companies office 365 investment, you may be familiar with the Office 365 security center, Secure Score, Exchange Online Protection, compliance center, report center and Admin center. Or you are like most of us and are familiar with all of these tools but haven't got the skill, time or both to use them successfully and have anxiety opening up eleventeen tabs and starting to click changes that lead to a rabbit hole of suffering. So instead you ignore most of them until they become an issue and face them when you need to. Usually this is the time someone at the company has been phished and your company data has already been compromised.
Well if that person sounds a little like you or your team, we have something to make life a little easier to comprehend and navigate with our Office 365 Complete Protection offering.
We have categorised all the features and settings in the Admin Center, Secure Score, Security Center, Compliance Centre and Exchange Online Protection into modules that our experienced team can either assist your team deploy with a hands on approach or?. We ensure that the biggest asset in your company, the people, are educated about the changes, and educated on how to deal with dodgy emails in the future. We protect your backend systems alerting your team to phishy mails, and dodgy looking logins and much more.
Once we have completed our thorough hands on audit, your company secure score will be through the roof. And once we have left your team to take over all the now up to date centers, a customized report will consolidate all threats and intel into one easy to read email sent on a weekly basis, and immediately when a threat is detected. Making sure that even once we have left the building you still get the goods.
Our Process
We have an initial meeting to meet and greet the key stakeholders and the team involved in the project.
Our team will reach out to get delegated administrator rights in order for us to complete an assessment of what is needed.
A proposal will then be send through based on what is needed to be completed and agreed on.
Once accepted a project plan will be drawn up and each step completed.
Establish Security Culture
Take cybersecurity seriously. You are responsible for reducing risk, training your staff, and setting the example. Routinely update and patch all systems. Human error is the number one cause of breaches. Phishing continues to be a leading method of attack. Train your staff to be on guard for suspicious messages.
We help you to inform your people about the upcoming changes and what is expected to happen and what is expected from them. This ensures a smooth change and the team is aware and ready but most importantly empowered and prepared.
Protect your documents and email
Stats show that over 90% of attacks happen via email or shared documents. Our team completes the best practices around protecting your email and documents.
Documents
- Discover on-premise content
- Discovery cloud content
- Classify and label
- Monitor and remediate
- Anti-phishing policies
- Safe Links policies
- Safe Attachments policies
- Set up SPF to help prevent spoofing
- Use DKIM to validate outbound email sent from your custom domain in Office 365
- Use DMARC to validate email in Office 365
- Deploy the Report Message add-in or the Report Phishing add-in to improve end-user reporting of suspicious email
- Schedule Malware and Spam Reports
- Auto-forwarding to external domains should be disallowed or monitored
- Unified Auditing should be enabled
- Disable IMAP, POP, PowerShell, EWS connectivity and SMTP
- Enable Spoof Intelligence
- Directory-Based Edge Blocking
- MFA
Configure Office 365 Settings
We cover the basics to make sure they are already in place. Based off experience we find that a number of must have Office 365 settings are not completed, this step involves exactly that, completing what needs to be done first.
- Update Region and industry settings
- Add a retention policy
- Enable Extra Storage
- Anti-Phishing Policy
- Spam Policy
- Review Governance Dashboard
- Review GDPR Dashboard
Complete Microsoft Secure Score
This is the real meat of the project. An old African proverb says that if you come across a lion in the jungle and you are with a another person, you don’t need to out run the lion to stay prevent being attacked, you simply need to outrun the person you are with. Most companies Secure Score is very low, we make sure we fix that for your company almost immediately. And what's more we put your score so high that most attackers are discouraged when analysing your network thus lowering your overall risk.
- Ensure all users can complete multi-factor authentication for secure access
- Enable policy to block legacy authentication
- Turn on sign-in risk policy
- Turn on user risk policy
- Create an OAuth app policy to notify you about new OAuth applications
- Do not allow users to grant consent to unmanaged applications
- Create an app discovery policy to identify new and trending cloud apps in your org
- Require MFA for administrative roles
- Configure which users are allowed to present in Teams meetings
- Only invited users should be automatically admitted to Teams meetings
- Deploy a log collector to discover shadow IT activity
- Enable self-service password reset
- Turn on customer lockbox feature
- Remove TLS 1.0/1.1 and 3DES dependencies
- Restrict anonymous users from joining meetings
- Limit external participants from having control in a Teams meeting
- Do not expire passwords
- Enable Password Hash Sync if hybrid
- Create a custom activity policy to get alerts about suspicious usage patterns
- Use limited administrative roles
- Designate more than one global admin
- Restrict anonymous users from starting Teams meetings
- Restrict dial-in users from bypassing a meeting lobby
Prepare and automate simulated attacks
With the ability to setup simulated attacks to identify potential user training on an ongoing and automated basis is the key to constant awareness that is needed to protect your domain. We setup a scheduled simulated monthly attack that targets your people to do exactly this, and then report on who potentially needs training on not to click malicious links, or open documents that are not for them.
Setup automated reporting
We need to show our work, and since a lot of what is completed in step 1 to 5 is incredibly important, without a dynamic report it will go unnoticed. Our custom report is built around your company environment and contains specific details that you are able to present and action.
- To do
- Incidents
- Risky Users
- Alerts
- Vulnerability Management
- Devices
- Quarantine Mail
- Blocked Mail
- Attack Simulation Results