Microsoft 365-based Security and Data Management - Consulting

Security service consulting at E3 and E5 levels

Microsoft 365 E3

  1. Setting up alert policies for tracking nonstandard and suspicious user and administrator actions (a user got Exchange admin privileges; an administrator got access to a user’s email; an administrator activated DLP policies; there is activity from anonymous IP address, etc.); for tracking malware activity and data loss cases (unusual data deletion activity; unusual external drive activity when working with data, etc.). 1-2 hours.
  2. Exchange Online 2. Legal (mandatory) email logging. Setting up a corporate email logging policy that saves emails even when the user tries to delete the messages or emails. Providing an additional level of information security, as well as savings on the email backup system. 1-2 hours.
  3. Advanced Threat Analytics. Setting up nonstandard user behavior control for account registration (nonstandard access time; nonstandard user location; unusually large number of login attempts with a wrong password, etc.). Setting up alerts for possible security and logging policy violations. 1-2 hours.
  4. Applocker. Creating a whitelist of allowed files and applications, setting up the applicability of this list. 1-2 hours.
  5. Setting up a Single Sign-On (SSO) system for pre-installed SaaS and proprietary applications. 2-3 hours.
  6. Setting up Intune to centralize workstation management when adding them to AD in the cloud. Managing and securing information for corporate mobile devices, laptops, and PCs.
    1. Mobile Applications Manager – creating and applying loaded application policies.
    2. Full Wipe – setting up the ability to destroy data on stolen or lost devices.
    3. Self-Service Group Management – setting up user group management powers delegation.
    4. Setting up the option to let cloud users change their passwords themselves.
    1-2 hours.
  7. Setting up multifactor authentication. Verifying that the user is authentic after entering a password by using a phone call, text message, or an application code. 2-3 hours.
  8. Exchange Online 2. Setting up an internal Data Loss Prevention (DLP) system. Setting up a data transfer blocking system to focus on specific confidential data examples (what to look for). Setting up search parameters (personal and general emails; sent, received, deleted emails; mass emails or targeted; at any time or based on dates). Setting up actions – blocking emails or simply triggering notifications. 1-2 hours.
  9. E-discovery. Setting up the ability to search for documents in the email and file systems to provide information for regulator requests and ensuring compliance with standards: what we’re searching for; when (always or just once); and where (everywhere or in specific services at a specific time); what do we do with the results; what type of log is needed. 1-2 hours.
  10. Azure Information Protection. Setting up a secure confidential document transfer system for sending documents outside the company perimeter. Setting up read/write privileges for the recipient. Defining clients, setting up services, creating and applying the file classification policy. 1-2 hours.

Microsoft 365 E5

  1. O365 Advanced Threat Protection.
    1. Security against ransomware and phishing (verifying the authenticity of links in emails like “You are hereby summoned to court for not paying your taxes, link below” and “Someone tried to withdraw money from your card, to block the transaction enter your online banking password via this link”).
    2. Security for your organization against malware and infected files in Exchange, SharePoint, OneDrive, and Microsoft Teams (launching all email attachments in a secure application in a virtual sandbox, testing files loaded into data storage)
    3. Spam protection.
    Setting up policies, the level of test complexity, and the selectiveness of tests for various categories of employees. 1-2 hours.
  2. Windows Defender Advanced Threat Protection. Additional protection against threats detected by heuristic and cloud analytics. Setting up parameters. 1-2 hours.
  3. Cloud App Security. Managing user actions on the Internet (including reporting on shadow IT resources): which cloud and personal applications were launched by which user; what sites did the users visit; what did they download. Setting up policies and control and notification parameters. Behavior analytics, managing anomalous resource use and security incidents. 2 hours.
  4. Advanced Data Governance. Setting up data lifecycle and automatic classification policies, applying them to data search and storage (e.g. if there are 20 numbers in a row in a document, it gets tagged as a banking document, and becomes available to external users only for a few days). Deleting extraneous and expired data that could cause risks for the company. Setting up sensitivity tags to classify emails, documents, sites, etc. (e.g. an encryption tag, a tag for access control to a specific website). Setting up notifications for determining data management risks such as “deleting a file of an unusual size”, as well as creating your own notifications and setting up conditions and threshold values to trigger them. 2 hours.