Simplifying Microsoft 365 Security with Infocyte
This post was last updated on February 4th, 2021 at 06:53 pm
Microsoft 365 is the most popular SaaS productivity and back-office platform in the market today. Microsoft 365 can be a very secure solution, but it must be configured properly and monitored for malicious activity and environmental changes (like configuration, mail forwarding, etc). Most SMBs and many larger enterprises lack the knowledge and resources to properly configure and monitor Microsoft 365. Without proper controls, Microsoft 365 subscribers are vulnerable to Account Takeover through the well known and unfortunately successful attack vectors (phishing, social engineering, etc)
Infocyte’s Microsoft 365 Security Service will validate which best practices are (and are not) properly implemented within a customer’s Microsoft 365 environment. Infocyte will also provide a continuous monitoring capability that will monitor and alert when configurations from an established baseline are modified which conflict with the established Microsoft 365 security best practices.
Infocyte Microsoft 365 Security Service will establish a baseline of security standards for an Microsoft 365 environment leveraging known Industry Security Standards (CIS Benchmark) for Microsoft 365. The Microsoft 365 Security Module will provide Infocyte the ability to score and grade an Microsoft 365 environment with a Risk Score, identify issues and highlight Recommended Remediations, and provide the end-customer with the ability to Monitor and Alert should their environmental changes negatively influence the established security baseline.
Infocyte Microsoft 365 Security Module will leverage independent Industry Security Standards to conduct over 40 different configuration and security checks of your Microsoft 365 environment. Some examples include:
- Ensure multifactor authentication is setup and configured properly for all users and administrators
- Ensure modern authentication is enabled for Exchange Online, Skype for Business, SharePoint, etc.
- Ensure external users cannot share files, folders, and sites they do not own
- Ensure mail transport rules do not forward email to external domains
- Ensure the Client Rules Forwarding Block is enabled
- And much, much more…
We are excited to announce this new functionality. If you’re interested in learning more, please visit this page or if you’re interested in or participating in our Beta program, reach out to our team.