Microsoft 365 is not secure out of the box
Microsoft 365 is one of the most widely adopted ‘software as a service’ solutions available. Since its launch in 2011, over 300,000 UK businesses have made the move, from large to small, public and private, not for profit to PLC and everything in between.
One of the major benefits of M365 is that the business of standing up, operating, managing and monitoring an IT infrastructure is effectively ‘outsourced’ to Microsoft, allowing businesses to consume with minimal overheads. M365 is also straightforward to setup, portal driven and with the ability to get a functional system up and running in minutes. But the ease of setup that the platform provides can be its achilles heel in the event of a cyber attack.
Many organisations think that standing up an M365 instance, adding some users and setting a password policy using the default settings is all that’s required. In reality, there are many more things to consider to make sure your M365 tenancy is secure.
The Threat is Real.
Its a fact that cyber crime is on the increase. According to the UK Department for Science, Innovation and Technology Cyber security breaches survey 2023, there were over 2.39 million instances of cybercrime in the UK last year. In reality every business, organisation or service is a target for cyber criminals and its a question of when not if an attack happens to you.
The threat is real, and made more serious with reliance on services like M365 that are delivered over the public internet, readable from anywhere and where little more than a basic password policy stands between your data and a would-be hacker, if the default settings have been applied.
Assessing the Risk
To understand where your M365 tenancy configuration is putting your data at risk, NAK has designed a comprehensive security & compliance assessment service that takes a holistic view of the system configuration, definable policies, threat protection and best practice deployment. Using a tried and tested discovery framework, our consultants will review your tenancy, and deliver a full written report detailing where improvements can be made, where there is identified security risk and where the setup falls short of industry best practice deployment.
Following the assessment, you can chose to remediate the issues identified in house, or ask NAK to carry out the work on your behalf. Each security and compliance report includes a professional services quotation to implement remediation work, without obligation.
In todays world, more and more organisations are required to demonstrate that they have taken cyber security seriously. Many take the option of certifying for Cyber Essentials, with some continuing to the more stringent Cyber Essentials Plus certification. In support of this, NAK can assess your M365 tenancy and advise on any issues that would prevent compliance with these standards based certification schemes.
For more information, download the service data sheet
Conditional Access Policy
Data Loss Prevention
Antivirus & Malware
Why Work With NAK
As a next generation professional and managed service provider, NAK brings the benefits of an agile and flexible business model, staffed by industry professionals bringing years of service provider experience.
As a company, we have always believed in understanding first, acting second. Our assessment services enable you to do just that, gain deep visibility into your current environment, learning where your existing solutions are falling short and then being able to make informed decisions.