Description #
We will perform all the necessary configurations of your tenant to set up basic secured environment.
Our objective is to provide a plan and design a way to enable core Microsoft 365 security features. The project will be considered successful when all user data is fully migrated from Gmail and Google Drive to the Microsoft 365 tenant.
We take time to understand your business needs and assess the best tools and solutions. Our company provides service to small and large organizations and across many industries, helping them create, implement, and manage their cybersecurity tools and processes.
Depending on your organization's size, business model, and regulatory environment, your endpoint solution must be tailored to your company.
Our team of experts is standing by to provide expertise and unbiased guidance on the best way to implement endpoint detection and response in your security architecture.
IT Partner responsibilities #
- Gather information about your current tenant and security configurations
- Perform core configuration of your Microsoft 365 tenant: a. Basic admin protections b. Logging and analytics configuration c. Basic identity protection setup
- Checking security score and configuring it up to 75%
- Enforcing Threat Protection, e.g. connecting M365 to MS Defender for Cloud Apps
- Configuring Azure Active Directory Identity Protection
- Configuring Teams with three tiers of protection (including sharing, classification, data loss prevention, and Azure Information Protection)
- Microsoft Sentinel Initial configuration (e.g. basic M365 connectors)
- At least monthly check ups of dashboards and reports in the Microsoft 365 Defender portal, Defender for Cloud Apps.
- Look for and implement software updates.
- Look for sharing risk by reviewing the built-in reports in Defender for Cloud Apps (on the Investigate tab).
- Configure Privileged Access Workstations (PAWs) for admin activity.
- Configure Entra ID Privileged Identity Management.
- Configure a security information and event management (SIEM) tool to collect logging data from Office 365, Defender for Cloud Apps, and other services, including AD FS. The audit log stores data for only 90 days. Capturing this data in SIEM tool allows you to store data for a longer period.
- Enable and enforce MFA for all users.
- Implement a set of conditional access and related policies.
Client responsibilities #
- Coordinate Client resources and staff schedules
- Provide a dedicated point of contact responsible for working with IT Partner
- Coordinate any outside vendor resources and schedules
- Perform changes to internal and external DNS, as required
- Configure all network equipment, such as load balancers, routers, firewalls, and switches
- Review and approve engagement deliverables in a timely manner
- Assist with identification of high-risk users (admins, top executives and VIP users)
- End user support
Additional cost items not provided by the project #
- Additional licenses that may be required
- Customer team training (could be added as an additional service)
- Corporate documents migration to SharePoint Online (could be added as an additional service)
- Desktop software settings
- Information Security Advisory services (could be added as an additional service)
Upon completion of the project, we will provide a project closeout report. This document will indicate the final project status, including acceptance criteria matching, outstanding issues (if any), and the final budget. If you require more extensive documentation, it can be provided for an additional fee.
This service offers a simple, secure, and cost-effective way to enable a secured environment.
Prerequisites #
- You must have a Microsoft 365 tenant
Plan #
The plan may vary depending on your needs.
- Kickoff meeting
- Security scope check and current configuration assessment
- User creation or AD connect tool configuration
- Security configuration start
- Security settings verification
- Security score verification
- Final email
- Verification and fixing of issues, if any
Success Criteria #
- Security score 75%. User can access Security Portal and confirm this.
- Validated Threat protection settings
- Validated Identity and access management settings
- Exchange Online Protection is configured and working
- Teams protection is configured
Share
Related services
Microsoft 365 Security Beyond Service
Microsoft 365 Security Beyond Service.
Microsoft 365 Security 30 Days Service
Microsoft 365 Security 30 Days Service.