SecureITSM will provision, secure, configure, and provide ongoing management of Office 365 and Azure environments. This includes the following management interfaces: 365 Admin Center, 365 Compliance Center, 365 Security Center, Azure Defender Portal, Azure Management Portal, Cloud App Security Portal, Defender Identity Portal, Defender Security Center, Defender Security Intelligence, Endpoint Manager Admin Center, Intune Portal, and the Security & Compliance Center.
The Microsoft 365 environment has over 40 administrator roles. We work with our customers to ensure their employees have the permissions necessary to perform their roles. The following is a list of common 365 administrative roles:
Advanced Threat Protection (ATP) Defender combines Microsoft disk encryption (i.e. BitLocker), a PC-level firewall, and its URL and attachment inspection tools into one management interface under the ATP Defender name. There are approximately 250 individual controls that must be correctly configured to secure a PC. The following list identifies key ATP Defender components:
Microsoft Cloud App Security is a comprehensive set of security controls providing visibility, control, and enhanced threat protection for 365 and Azure cloud apps. Cloud apps include SharePoint, Exchange/Outlook, OneDrive, etc. For example, SecureITSM blocks SharePoint access for user logins from IP addresses outside of the United States. This is primarily done to block unauthorized use of a user’s credentials from a remote country. There are approximately 25 standard and numerous custom security policies that can be implemented.
After SecureITSM and our customers have 1) determined an acceptable risk level and 2) determined the computer hardening technique, SecureITSM will at a minimum configure the following computer security controls. Note that these 33 categories contain almost 1,000 discrete security elements. Some of these controls are applied through group policy, and a limited number are enforced through PC Security Group Editor configurations.
SecureITSM manages the following security baseline elements:
Industry best practices and many security standards (e.g. CMMC) require that PC security logs be collected and stored at a central repository and periodically analyzed. Additionally, best practices mandate that alerts be created to notify security personnel of key malicious or operational events logged by a PC. SecureITSM configures each customer’s environment to centrally collect these logs and notify our Service Desk any time an anomaly is detected.
A Microsoft 365 tenant is the collection of 365 and Azure resources dedicated to a single domain name (e.g. SecureITSM.com). This complex environment must be properly configured and managed.
Users must be managed appropriately. This starts with the onboarding process and continues throughout their employment. During this time, their authorized applications may change (e.g. adding Visio or MS Project), their access to security groups and associated datasets will change, etc. SecureITSM works with our customers to ensure their employees and authorized users have the appropriate level of access.