Online security has recently become a top priority for organizations of all sizes. Microsoft 365 for Business is a great and affordable solution to boost your productivity, improve your business security and reduce costs at the same time. IT Partner helps small and large businesses create, implement, and manage their cybersecurity tools and processes. Our team of experts is standing by to provide expertise and unbiased guidance on the best way to implement endpoint detection and response in your security architecture.
Our goal is to properly configure your tenant-wide settings to increase the security of your Microsoft 365 environment and keep your sensitive data protected. The project will be considered successful once we enable core security features and perform all the necessary configurations of your tenant to set up your secure environment.
IT Partner responsibilities #
-
Set up Multi-Factor Authentication. Analyze and choose the best method of MFA based on your security requirements:
- Method 1: Enable and disable security defaults.
- Method 2: Implement a set of conditional access and related policies. (Entra ID P1/P2 required)
-
Protect your admin accounts.
- Create a separate account for user management and a dedicated admin workstation based on roles and functions in your organization.
- Configure a set of admin accounts to limit the number of global admins and limit their privileges.
- Set up built-in roles for assigning permissions where possible.
-
Use preset security policies for Microsoft 365 Defender.
- Determine the profile and the level of protection required for your email and collaboration content.
- Create and assign preset security policies to users.
-
Protect all devices.
- Deploy Microsoft Defender for Endpoint.
- Connect your devices to Entra ID.
- Set up managed devices using basic Intune configuration
-
Implement Microsoft Teams for collaboration and sharing
- Create Teams for collaboration
- Set up meetings
- Share files and videos
- Create a communication site
-
Set up sharing settings for SharePoint and OneDrive.
- Review and adjust your sharing policies
-
Train users on Office and Microsoft 365.
- Conduct attack simulations for spear-phishing, password-spray, and brute-force password attacks using Attack simulation training (included with Office 365 Threat Intelligence).
- Training for the Office client applications and services, such as Access, Excel, OneDrive, OneNote, Outlook, PowerPoint, Word, and Teams.
-
Check and complete possible secure score recommendations
Client responsibilities #
- Coordinate Client resources and staff schedules
- Provide a dedicated point of contact responsible for working with IT Partner.
- Configure all network equipment, such as load balancers, routers, firewalls, and switches.
- Perform changes to internal and external DNS, as required.
- Review and approve engagement deliverables in a timely manner.
Additional cost items not provided by the project #
1.Maintain your environment on an on-going basis. 2.Additional licenses that may be required.
Prerequisites #
- You must have a Microsoft 365 tenant with global admin role
- You must have access to your email domain DNS zone
- Regular control and monitoring after implementation
Plan #
- The plan may vary depending on your needs.
- Kickoff meeting
- Scope check and current configuration assessment
- Configure and/or implement required services
- Secure score verification
Success criteria #
- MFA is enabled for all users.
- Microsoft 365 admin accounts reviewed and changes implemented to match best-practices recommendations
- Microsoft 365 Defender policies implemented
- Required devices connected to Entra ID and managed by Intune
- End-user training performed
- Microsoft Teams Implemented as company communication and collaboration system
- SharePoint Online and OneDrive sharing configuration adjusted
Share
Related services
In-Place Archive Migration
In-Place Archive Migration involves migration of archive mailboxes from Exchange Server or Exchange Online to Microsoft 365.
Microsoft Sentinel - Monitor file access and permission changes in SharePoint Implementation
This service implements a small functionality of Microsoft Sentinel and focuses on controlling the work with certain files or folders for SharePoint Online, OneDrive, and Microsoft Teams.