Microsoft 365 Security: Azure Security
Borderless CS is a Microsoft partner
Specialists in Microsoft 365 Security Assessment & Implementation
Misconfiguring the Microsoft 365 Azure platform security settings remains a significant threat to Australian businesses due to unauthorised access, insecure interfaces/APIs, external data sharing, malicious insiders, and cyberattacks leading to data breaches.
Our M365 and Azure security consulting and advisory services will ensure your Microsft 365 and Azure environment is secure and protected.
Microsoft 365 Azure Security Assessment and Implementation Specialist
Our aim is to help you identify potential gaps in your Microsoft 365 Azure Cloud platform and develop the Security strategy and configuration.
-
Entra ID (Azure AD) Security Assessment and Configuration
-
Microsoft Teams Security Assessment and Configuration
-
Microsoft Exchange Security Assessment & Configuration.
-
SharePoint Online Security Assessment and Configuration.
-
OneDrive Security Assessment and Configuration.
-
Microsoft Defender Security Assessment & Configuration.
-
Microsoft Purview Security Assessment and Configuration.
-
Microsoft Edge Security Assessment and Configuration.
M365 License Assessment and Recommendation
Conditional Access Assessment and Configuration
BitLocker and MFA Implementation
Entra ID (Azure AD) Security Assessment and Configuration
- All accounts in Entra ID is periodically reviewed
- Inactive accounts should be blocked or deleted
- All corporate approved applications are cataloged and periodically reviewed
- Key Applications must configured for Single Sign-On
- Dynamic Groups are leveraged for automated group management
- Network access via Conditional Access is documented and periodically reviewed
- MFA is enforced for all users
- MFA is enforced for all privileged users
- Legacy Authentication must be blocked
- Browser Sessions shall not be persistent for privileged users
- Guest User Access must be restricted
- Users assigned highly privileged roles shall not have permanent permissions
- Activation of privileged roles should be monitored and require approval
- Highly privileged role assignments shall be periodically reviewed
- Azure AD Logs shall be collected
- Entra ID Application Proxy is configured for on-premise applications
Microsoft Teams Security Assessment and Configuration
- Teams channels are set up for expiration due to inactivity
- Private and Shared Channels must be utilized to restrict access to information
- External Participants should not be Enabled to Request Control of Shared Desktops in Meetings
- Anonymous Users shall not be Enabled to Start Meetings
- External User Access shall be Restricted
- Unmanaged User Access shall be Restricted
- Only Approved Apps should be Installed
- Only the Meeting Organizer should be Able to Record Live Events
- Restrict Users who can Create Teams Channels
Microsoft Exchange Security Assessment and Configuration
- Automatic Forwarding to External Domains must be disabled
- Sender Policy Framework must be Enabled
- Domain Keys Identified Mail Should be Enabled
- Domain-Based Message Authentication, Reporting, and Conformance Shall be Enabled
- Enable Email Encryption
- Simple Mail Transfer Protocol Authentication must be disabled
- Calendar and Contact Sharing must be Restricted
- External Sender Warnings must be Implemented
- Emails must be Filtered by Attachment File Type
- Zero-Hour Auto Purge for Malware Should be Enabled
- Inbound Anti-Spam Protections Shall be Enabled
- Mailbox Auditing Shall be Enabled
- Audit Logging Shall be Enabled
- Enhanced Filtering Shall be configured if a 3rd party email filtering tool is being used
- Ensure the spoofed domains report is reviewed weekly
SharePoint Online Security Assessment and Configuration
- Users must be Prevented from Running Custom Scripts
- File and Folder Links Default Sharing Settings must be Set to "Specific People"
- External Sharing Should be Set to “New and Existing Guests” and Managed Through Approved.
- Configure Expiration Times for Guest Access to a Site or OneDrive, and Reauthentication
OneDrive Security Assessment and Configuration
- Anyone Links Should Be Turned Off
- Expiration Date Should Be Set for Anyone Links
- Link Permissions Should Be Set to Enabled Anyone Links to View
- OneDrive Client Shall Be Restricted to corporate owned devices
- Legacy Authentication Shall Be Blocked
Microsoft Defender Security Assessment and Configuration
- Microsoft Report Message or the Report Phishing add-ins Shall be installed
- Reported phishing or suspicious emails messages are periodically reviewed
- Devices Shall be enrolled for Defender for Business or Defender for Endpoint
- Attack Surface Reduction rules Shall be configured
- Web Content filtering Shall be configured
- Controlled Folder Access Shall be configured
- Compliance Policies are configured to incorporate Defender settings
- Threats are investigated and responded to within the Defender portal
- Attack simulations shall be periodically conducted
- Cloud App Discovery is configured and apps are periodically reviewed
- Phishing Protections Should be Enabled
- Alerts Shall be Enabled
- Safe Link Policies Should be Enabled
- Safe Attachments Shall be Enabled
- Ensure Priority account Protection is enabled and configured
- Incidents and Alerts are triaged in the Defender admin center
Microsoft Purview Security Assessment and Configuration
- Compliance Manager recommendations are periodically reviewed
- Information Protection Labels Shall be configured
- Data loss prevention policies Shall be configured
- Retention Policies Shall be configured
Microsoft Edge Security Assessment and Configuration
- Configure Microsoft Defender SmartScreen to block potentially unwanted apps
- Microsoft Edge Policies are configured and enforced
Why Choose Borderless CS for M365 Azure Security?
Microsoft Partner
Borderless CS is Australia's leading ISO 27001:2022-certified cybersecurity company. We have partnered with Microsoft and are Microsoft 365 Security Assessment and Implementation specialists.
Comprehensive M365 Security Governance
We assist in establishing robust M365 Azure cloud security governance, aligning your organization with best practices and compliance standards to manage cloud-related risks effectively.
Azure Cloud Security Solution Architecture and Design
Our team excels in designing secure Azure cloud security solutions, ensuring the architecture is tailored to your specific Microsoft cloud infrastructure while maintaining data security.
WHY BORDERLESS CS? Why Borderless CS?
Experienced Consultants With Deep Cybersecurity Knowledge | Tailored To Your Specific Business Requirements |
Success In Strengthening Security Posture Across Industries | Personalized Attention and Support
Our Philosophy : Customer First; Every Step of the Way.
Get Started Today.
Contact us to schedule a consultation and develop a roadmap to enhance your security, improve operational efficiency, and drive business growth.
100% Cybersecurity Focused Company