Microsoft 365 Tenant
Security Assessment
A structured, independent review of your current security posture. Know exactly what's exposed, what's misconfigured, and what to address first — within 5 working days. Fixed price. No obligation to proceed further.
What the assessment covers
The assessment examines six areas of your Microsoft 365 tenant using read-only delegated access. No changes are made during the review. The output is a prioritised findings report with clear remediation guidance.
Sign-in risk events, accounts with MFA not registered, legacy authentication still active, risky sign-in patterns, service account exposure, and guest account inventory review.
Policy coverage gaps — what's excluded, what's not enforced, what's in report-only. Sign-in scenarios falling outside all policies. Admin vs user policy separation.
Global Admin count and usage pattern review. Permanent vs eligible assignments. Non-human accounts in privileged roles. Break-glass account configuration.
Anti-phishing configuration, Safe Links and Safe Attachments deployment, SPF/DKIM/DMARC alignment, mail flow rule review for bypass patterns.
Defender for Endpoint onboarding coverage, Defender for Office 365 configuration, Identity integration status, Cloud App Security signal review where licensed.
Microsoft Secure Score analysis, Compliance Manager posture, audit log enablement, DLP policy coverage, and basic data classification posture.
What you receive
A structured document covering every finding with severity classification, plain-language explanation of the risk, and specific remediation guidance. No 80-page generic framework report — a concise, actionable document written for your environment.
Findings ranked by risk priority with a suggested sequence — addressing the highest-risk items first without disrupting operations. Practical, not theoretical.
A 60–90 minute video call walking through every finding, explaining the rationale, and answering questions from you and your team. Recorded if you need it for internal stakeholder sharing.
Where a finding could be addressed within your current license at no additional cost, that's noted. Where an upgrade would meaningfully change the outcome, that's included — with honest context on whether it's worth it.
How the process works
Understand your environment, your team's capacity, and your primary concerns. No technical access required at this stage.
A guest Security Reader account is provisioned in your tenant. Read-only. No changes made. Removed after assessment delivery.
Assessment conducted across all six areas. Findings documented with severity ratings and remediation guidance written specifically for your environment.
Written report delivered, followed by a 60–90 minute walkthrough session. Questions answered. Next steps discussed.
Assessment-led engagement in healthcare
Assessment identified shared workstation exposure, incomplete MFA rollout, and permanent privileged assignments as the three highest-risk areas. Remediation followed assessment delivery using findings as the architectural brief.
Ready to find out where
you actually stand?
Book a free 20-minute call. No technical preparation needed — just describe your environment and what's prompted you to look at security now.