How the Microsoft 365 Security Review Works
The Microsoft 365 Security Review, or Microsoft 365 Security Assessment, is a flat fee engagement that evaluates the Microsoft 365 environment against 29 security controls that are a combination of ProArch’s do-first controls, Microsoft Secure Score, and industry-standard best practices.
The security controls are broken down by risk impact level, from most critical to least.
Critical Impact Controls: Multi-factor authentication, global admin configuration, and email protection
High Impact Controls: Sign-in policies, audit logging, and mailbox security
Medium Impact Controls: Sharing policies, spam filters, and suspicious activity alerts
Low Impact Controls: Custom login portal, application control, and mail flow rules
Understand where the Microsoft 365 environment stands against the security controls required to improve protection against malicious actors.
Receive a clear picture of the Microsoft 365 cloud environment security posture and a plan for reducing risk.
In a separate engagement, ProArch can implement the security configurations, policies, and settings to increase security.
Security Consultants prioritize the recommended security controls based on level of risk
Identifies unique details for each control that will assist with remediation
Documents if the control is not implemented or already implemented