Is Your Office 365 Tenant Working as Well as It Could?
Simon Ratcliffe Principal Consultant, Advisory
Microsoft Office 365 is becoming increasingly prevalent across all sizes of organisation because it is a straightforward way of providing productivity tools and file storage to users with a simple per user per month charging structure. There are, however, some problems that, if left unchecked, can leave organisations with loopholes in their environments and potentially significant costs that are avoidable. At the start of the pandemic, a lot of organisations made a switch to make further use of Office 365 as there was a sudden and widespread switch to remote working. Primarily, the Exchange Online component of Office 365 has been in wide use for a long time, however enabling components such as Microsoft Teams literally saved some organisations from extinction but, in some cases, it was necessarily thrown up fast with a minimum viable product approach.
As events have settled, some organisations have circled back around and undertaken a review of their Office 365 tenant. During their reviews, many have found that there are optimisations that can be undertaken that will create a better and more secure experience for their users. For example, Azure MFA is available under some licensing options and can be to provide an extra layer of security for users. In a similar vein, Conditional Access Controls are available for both Office 365 and Azure to protect sensitive data and to enforce user re-authentication after set periods. Features such as these and Trusted Locations, Cloud App Security and Data Loss Prevention are all available in Office 365 tenancies. Many of these were not enabled when original Office 365 tenants were established and yet the features may well be baked into the Office 365 license.
Along with features that could be enabled to drive greater value from existing license models, there are also features that may have been enabled for expediency that would benefit from a review. For example, Legacy Authentication is often switched on initially to allow some older applications that do not support modern authentication to still authenticate with Azure Active Directory. Bypassing modern authentication using this feature can allow authentication without conditional access and multi-factor authentication and could create a backdoor into an environment.
There are many documents available that describe ’best practice’ deployments for an Office 365 tenant but these documents take no account of the attitude of the organisation deploying Office 365. Each organisation is unique, their security requirements will vary and how their users need to operate will vary. Having a standard, templated approach works for some solutions but with implementations such as Office 365 the nuances are many and a one size fits all approach simply doesn’t work.
Ensono will undertake a review of your Office 365 tenant, but we will do this in the context of your organisation. Every organisation is unique and this needs to be recognised in the review. Our approach is designed to provide you with a comprehensive review and commentary. It may be that there are no recommended changes, but experience shows that it is more likely that organisations are paying for features they are not using or, in some instances, paying third party costs for features included in Office 365. Our reviews often uncover licensing efficiencies that can be gained as well as configuring features that can improve the overall experience.
The Ensono approach has always been to deliver value and our approach to this review is no different. We will charge £2,000 to undertake the review, which includes a short workshop with your organisation to provides us with context and understanding for the technical review. The output will be a comprehensive document assessing your Office 365 tenant, showing where the configuration works well and where changes are recommended.
If there are no recommended changes then Ensono will waive the £2,000 charge. If there are changes and Ensono is commissioned to undertake the changes, then the £2,000 charge will also be waived. The charge is only levied where issues are identified and recommendations made, and those recommendations are not carried out by Ensono.