Is Your Microsoft 365 Actually Secure?
Most organisations assume their M365 tenant is locked down. It usually isn't. We go through every corner of your setup — who can log in, what can leave, what's being shared, what's being logged — and tell you exactly where the gaps are. Measured against CIS Foundations and your Secure Score, so you've got real numbers to work with.
7 Domains We Look At
We don't just skim the surface. Each review covers seven areas that together make up your M365 security posture — all checked against Microsoft's own guidance and the CIS Benchmark.
Identity & Access
Who can log in, from where, and with what privileges? We check your Entra ID setup, conditional access rules, MFA coverage, privileged accounts, and how you handle guest access.
Email Security
Phishing is still the number-one way attackers get in. We look at your Exchange Online Protection settings, Defender for Office 365 policies, anti-phishing rules, and whether your DMARC, DKIM, and SPF records are actually doing their job.
Data Protection
You've probably got sensitivity labels and DLP policies configured — but are they actually working? We check your labels, DLP rules, information barriers, and retention policies to make sure sensitive data isn't leaking out the side door.
Endpoint
Defender for Endpoint only works if it's properly integrated and your compliance baselines are set up right. We look at device compliance policies, app protection, and whether your endpoints are actually reporting in.
Collaboration
Teams, SharePoint, OneDrive — collaboration tools are great until someone shares a folder with "anyone with the link." We review your sharing settings, guest policies, and permission models so working together doesn't mean opening the doors.
Compliance
If something goes wrong, you need the logs to prove what happened — and ideally, alerts that told you about it sooner. We check audit logging, eDiscovery readiness, Compliance Manager settings, and insider risk policies.
Administration
Too many Global Admins is one of the most common issues we find. We review role assignments, delegated admin setups, and security defaults to make sure people only have the access they actually need.
What We Actually Do
No mystery methodology. Here's exactly what happens during a review.
Tenant Configuration
We go through your tenant-wide security settings, org defaults, and how your licences are being used. The basics — but often overlooked.
Secure Score Check
We pull your current Microsoft Secure Score, break it down, and show you which improvements will have the biggest impact for the least effort.
Identity & Access
Conditional access, MFA adoption rates, privileged identity management, sign-in risk policies — all the things that stop the wrong people getting in.
Email Defences
We test your anti-phishing and anti-malware settings, your Safe Links and Safe Attachments configuration, and whether your domain authentication records (SPF, DKIM, DMARC) are properly aligned.
Data Protection
Sensitivity labels, DLP rules, retention policies, information barriers — we check whether they're doing what you think they're doing.
Collaboration Settings
Teams, SharePoint, and OneDrive sharing settings. Guest access. Cross-tenant trust. The stuff that's easy to set once and forget about.
Monitoring & Alerts
Are your alert policies actually firing? Is anyone watching? We check audit log retention and any SIEM or Sentinel integrations you've got in place.
CIS Benchmark Mapping
We map your configuration against the CIS Microsoft 365 Foundations Benchmark — a widely recognised baseline that gives you something concrete to measure against.
What You Get
Everything is built to be useful — not just read once and filed away. Your team walks away knowing exactly what to fix and how.
Security Assessment Report
The full picture: every domain reviewed, every finding rated by risk. This is your single source of truth.
Secure Score Analysis
Your current score, broken down by category, with a ranked list of what to fix first and what each change is worth in points.
CIS Benchmark Comparison
A side-by-side mapping of your config against CIS Microsoft 365 Foundations. Good for compliance evidence and board reporting.
Configuration Findings
Every misconfiguration we find, documented with severity, evidence, and enough context for your team to understand the risk.
Remediation Playbook
Step-by-step fix instructions for every finding. Written for your admins — not for auditors who'll never touch a console.
Quick Wins List
The changes that take 30 minutes but make a real difference. We flag these separately so you can start tightening things up on day one.
Executive Summary
A clean, two-page overview for your leadership team. No jargon — just the key risks, what's been done, and what needs attention.
The Practical Details
What it costs, how long it takes, and who it's for. No surprises. All prices are approximate and subject to change based on your organisation's individual circumstances.
Why Work With Us
We're not a big consultancy with layers of account managers. You get senior people who've done this work themselves — at rates that actually make sense.
30+ Years in the CISO Chair
We've run security programmes at Fortune 500s and handled real incidents. This isn't theoretical for us.
30–50% Below Big Four Rates
Same level of expertise, a lot less overhead. You talk to the people doing the work — not an account manager.
Multilingual & Benelux-Based
We work in English, French, German, and Luxembourgish. Handy when you're operating across borders.
Deep M365 Expertise
We live in the Microsoft stack — Entra ID, Defender, Purview, Intune. This isn't a checkbox exercise for us.
Practical, Not Academic
Every finding comes with clear fix instructions your admins can follow. We write for the people who actually touch the console.
Let's Find Out Where You Stand
Book a free 30-minute call. We'll talk through your setup, give you a rough idea of scope, and map out next steps. No pitch, no pressure — just a straight conversation.