AzureAD - Office 365 Security Configuration Assessment

AzureAD and Office 365 workloads includes several security configurations controls that must be configured and enabled explicitly by the customer within their tenant based on their security and compliance requirements.

The AzureAD/Office 365 security configuration assessment helps the customer to understand the state of their current configuration and provides security configuration recommendations to improve their security posture. 

Which topics are covered?

The security configuration assessment covers security-relevant configuration settings within AzureAD and Office 365 workloads. Covered are following settings: 

AzureAD

Office 365

The three phases of this service

The AzureAD/Office 365 Security Configuration Assessment consist of three phases, which are introduced below. 

  • Assessment

    During this phase baseVISION’s Security Consultant will review the current AzureAD / Office 365 security-relevant configuration settings.

In addition to reviewing the actual configuration settings, when available, the following customer documentation should be shared:

  • AzureAD / Office 365 services architecture / configuration documentation
  • User lifecycle process
  • Guest user lifecycle process
  • Device lifecycle process
  • Groups lifecycle process (AD Groups, AzureAD groups)
  • AzureAD/Office 365 License management
  • AD/AzureAD naming standards

The assessment report will indicate whether important security configuration settings or processes are referenced within existing documentation or not.

  • Analysis

    baseVISION’s Security Consultant will prepare the security configuration assessment report that includes current configuration settings, findings, and recommendations.

The analysis is conducted as following:

  • Review of actual configuration settings within AzureAD/ Office 365
  • Review of customer supplied documentation
  • Questions asked during customer interview session(s)
  • Review

    During the review phase, baseVISION’s Security Consultant and customer representatives will jointly go through the assessment report and discuss the findings and proposed actions.

The Security Configuration Assessment report includes the following:

  • Overview of assessment scope
  • For each assessed item:
    • Description
    • Current configuration
    • Recommendations
    • Actions
  • Summary of recommended actions

Don't hesitate to contact Alex Verboon

Are you interested in further information? Don't hesitate to contact Alex Verboon and his team. Still not sure about a partnership with baseVISION? Check out our references. 

Contact Alex Our Customers
Linked services and products to AzureAD – Office 365 Security Configuration Assessment:

You may also like…

Interested? Alex Verboon will be glad to give you further assistance.

Principal Cyber Security Consultant

You have a special request or want more information?