Information Technology Firm

Adopting M365 for Remote Working


An information technology services organisation based in the UK.

Related Services

M365 Security Assessment

Project Detail

The client, like many organisations, swiftly adopted Microsoft 365 to meet the demands of remote working. They sought an expert to conduct a thorough review and remediation of their IT estate, revamp their existing technologies, and implement digital-friendly solutions to enhance their core business operations. Despite having a small team with strong technical skills, they lacked in-house security expertise.


The client faced two primary challenges. Firstly, they were uncertain about their current security posture and their exposure to modern-day threats. Secondly, they were unsure about the best steps to address any existing issues and develop a roadmap to achieve their future strategic goals.


We were engaged to perform a comprehensive Microsoft 365 security assessment, which comprised of two key phases:

  • A technical assessment of fundamental security controls within the Microsoft 365 environment, including authentication and multi-factor authentication, user and group configurations, data classification and privacy controls, external sharing, and reporting configurations.
  • A governance and risk management assessment, which extended the technical assessment to evaluate the security operating model, change control processes, business continuity and recovery (BCR) plans, joiners / movers / leavers (JML) process, and licensing requirements.

Key components reviewed included Azure Active Directory, Exchange, OneDrive, Teams, SharePoint and OneDrive.


The client leveraged the assessment findings and our continuous support to develop a tailored roadmap aligned with their risk appetite and future strategic direction. The assessment not only addressed specific security issues, but also emphasised cloud-native changes in their underlying business-as-usual (BAU) activities. This approach ensured that the client’s security measures remained effective over time, adapting to the evolving threat landscape and enabling them to navigate their digital transformation journey with confidence.


Our comprehensive Microsoft 365 security assessment provided our client, an information technology services organisation, with valuable insights and guidance to strengthen their security posture and support their digital transformation. By addressing their security challenges and developing a roadmap aligned with their strategic objectives, we empowered them to navigate the evolving threat landscape with confidence. With our continuous support, the client can implement cloud-native changes and enhance their business-as-usual activities, ensuring long-term effectiveness in protecting their cloud environment.