Microsoft 365 security check & coaching
Microsoft 365 security check and coaching
If your company already uses Microsoft 365 or intends to do so in the future, our Microsoft 365 Security Check and Coaching service can significantly improve your security in the cloud. Our specialists check whether the configuration and control of your Microsoft 365 environment meet your security requirements and best practice, and support you in the secure configuration and operation of your environment.
Microsoft 365 security check
Our know-how from over 30 years of experience in information security & auditing makes us your specialist for carrying out a Microsoft 365 security check.
Procedural model Microsoft 365 security check
The central component of the Microsoft 365 Security Check is to conduct an audit of the technical and organisational framework conditions for the use of the M365 platform by your organisation. When using M365, information security risks arise with regard to confidentiality, availability and integrity of the organisation's own information. Swiss Infosec AG supports you in the systematic identification, analysis, assessment and treatment of these risks in order to ensure the protection of your organisation's information against external and internal threats.
The security check itself consists on the one hand of an examination of the organisational aspects regarding the use of Microsoft 365 and on the other hand of a technical examination of the configuration of your M365 tenant. The following topics, always relating to Microsoft 365, are checked in the process:
- Conformity and compliance with your organisation's legal and contractual obligations
- Protection requirements and classification of your information
- Roles and responsibilities for information security in Microsoft 365
- Strategy and guidelines for the use of Microsoft 365
- Roles and authorisation concept
- Documentation and inventory
- Access control
- Identity management
- Authentication methods
- Use of encryption
- Data backup and resilience
- Data Leakage Protection (DLP)
- Change management
- Contract management
- Training for cloud services
- Cloud services monitoring
Optionally, the scope of testing can be expanded:
- Recommendations for the use of Azure Information Protection (AIP)
- Checking the security settings of the clients
- Policy check of Microsoft Intune or other unified endpoint management (UEM) solutions
Microsoft 365 security coaching
Our specialists are also happy to contribute our know-how regarding information security, Microsoft 365 and projects directly to your Microsoft 365 project. We actively support you within the scope of your project, in the creation of the corresponding specification documents or in the implementation of specific security aspects in Microsoft 365.
Have a Microsoft 365 Security Check carried out now!
From us, the specialist for information security and auditing, for SMEs from as little as CHF 9.800.
Head IT Security,