AzureAD – Office 365 Security Configuration Assessment

Analyze and improve your AzureAD and Office365 security configurations

AzureAD and Office 365 workloads includes several security configurations controls that must be configured and enabled explicitly by the customer within their tenant based on their security and compliance requirements.

The AzureAD/Office 365 security configuration assessment helps the customer to understand the state of their current configuration and provides security configuration recommendations to improve their security posture. 

Which topicss are covered?

The security configuration assessment covers security-relevant configuration settings within AzureAD and Office 365 workloads. Covered are following settings: 

  • Identity synchronization
  • Authentication Methods
  • User Setting 
  • Group Settings
  • Device Settings
  • Privileged role and accounts
  • AzureAD multifactor authentication
  • Tenant emergency account
  • Audit logging
  • Other security related settings
  • Processes
  • Exchange Online 
  • SharePoint Online 
  • OneDrive
  • Teams

The three phases of the service

The AzureAD/Office 365 Security Configuration Assessment consist of three phases, which are introduced below. 

  • Assessment

    During this phase baseVISION’s Security Consultant will review the current AzureAD / Office 365 security-relevant configuration settings.

In addition to reviewing the actual configuration settings, when available, the following customer documentation should be shared:

  • AzureAD / Office 365 services architecture / configuration documentation
  • User lifecycle process
  • Guest user lifecycle process
  • Device lifecycle process
  • Groups lifecycle process (AD Groups, AzureAD groups)
  • AzureAD/Office 365 License management
  • AD/AzureAD naming standards

The assessment report will indicate whether important security configuration settings or processes are referenced within existing documentation or not.

  • Analysis

    baseVISION’s Security Consultant will prepare the security configuration assessment report that includes current configuration settings, findings, and recommendations.

The analysis is conducted as following:

  • Review of actual configuration settings within AzureAD/ Office 365
  • Review of customer supplied documentation
  • Questions asked during customer interview session(s)
  • Review

    During the review phase, baseVISION’s Security Consultant and customer representatives will jointly go through the assessment report and discuss the findings and proposed actions.

The Security Configuration Assessment report includes the following:

  • Overview of assessment scope
  • For each assessed item:
    • Description
    • Current configuration
    • Recommendations
    • Actions
  • Summary of recommended actions
Linked services and products to AzureAD – Office 365 Security Configuration Assessment:

Do you have a special request or want more information? We are happy to help you.