Microsoft365 security review

Uncover the hidden threats within your Microsoft 365 environment

Take a holistic approach to leveling-up Microsoft 365 security for the long-term

Don’t Let Overlooked Microsoft 365 Security Risks Create a Large Attack Surface

Microsoft 365 is a staple solution for many organizations because the cloud-based solution provides strong value in its breadth of services. It’s also appealing because administration and security functions are much simpler than an on-premise infrastructure.

However, most organizations don’t realize that the default Microsoft 365 configurations are inherently insecure, and because Microsft 365 often hosts some of an organization’s most critical data, it is often exploited by malicious attackers.

Relying on default security configurations can create a large, unmitigated attack surface.

Common Challenges with a Shared Security Model

As is common to any cloud delivered service, there is a shared responsibility mode associated with the use of Microsoft 365 services. Microsoft operates the most hardened and up-to-date versions of Exchange Online and other services, creates redundancy through multiple data centers, and provides a platform for securing your organization’s data.

It is up to subscribers of their service, however, to determine how they are going to use the platform as well as secure their assets.

Even in mature organizations, we commonly find critical issues that open the potential for data disclosure, policy violations, and potential compromise. In many cases, these attack vectors are well known and easy to exploit. Issues we commonly uncover include:

  • Over-exposed or publicly available content
  • Over-delegated permissions, including users having unnecessary admin rights and privileges to access data and change configurations
  • Insecure default configurations​, which can allow for data exfiltration via power shell by a standard, non-administrative user
  • Legacy protocol access​ that can bypass multifactor authentication, enabled by default
  • Lack of inspection and visibility into risky logon events and application usage

A Holistic Approach to Leveling-Up Your Microsoft 365 Security for the Long-Term

Echelon’s unique approach to Microsoft 365 Security Review combines our full scope of expertise as offensive security operators, defensive implementors and strategic cybersecurity advisors to deliver a comprehensive evaluation of your Microsoft 365 and Azure AD environments.

Our knowledge of past, present, and upcoming features and security updates to the platform, combined with our deep understanding of the ways Microsoft 365 can be compromised from an attacker’s perspective, allows us to offer sound security advice that is up-to-date with current known and unknown attack paths.

Our holistic assessment approach goes beyond providing yet another ‘to-do’ list of vulnerabilities to remediate. Our goal is to empower you to take advantage of capabilities within your Office 365 tenant to mitigate risk and maximize your existing investments for the long term.

With the guidance we provide, you’ll be able to:

  • Make the best decisions surrounding your MS 365 licensing strategy
  • Gain increased visibility and confidence with your IT investments
  • Evaluate licensed functionality to make the best decisions surrounding your licensing strategy
  • Gain visibility into insecure default configurations
  • Prioritize risks based on severity
  • Understand the business impact of any remediation steps required

Microsoft 365 Security Assessments

We inspect hundreds of controls, including (but not limited to):

  • Authentication mechanisms, password policies, and protocols
  • Azure Active Directory security controls
  • Application permissions within your Microsoft 365 tenant
  • Data management features, including Data Loss Prevention (DLP) policies
  • Microsoft Exchange (email) security controls and features
  • Auditing controls and policies
  • Data storage policies, such as sharing policies and permissions
  • Mobile device management capabilities

Streamlined Process Deliver Results

We deliver our services via a streamlined process that won’t tie up your IT and security resources. We communicate at every step of the way as we deliver:

  1. Project planning and execution
  2. Remotely delivered assessments, requiring only the most basic ‘read-only’ access provisions
  3. Detailed reports that provide problem descriptions, rational statements, risk rankings, and remediation advice
  4. Operational overviews of MS 365 environment to add value to IT and security teams
  5. Guided remediation assistance as needed, to help you achieve measurable security improvements
Are you ready to get started?