Microsoft 365 Security Audit

What We Do

Not all IT support companies are the same. When we take on new business customers and run our Microsoft 365 Security Audit, in 99/100 cases it reveals security holes.

That means there are areas where your Microsoft 365 has not been set up correctly – it poses a significant risk for your business and you don’t even know about it.

And why should you? You leave that to your IT support company, right? How confident are you that they’re not leaving you exposed? Are you one of the 99/100 that are getting it wrong. How can you be sure?

By running a Microsoft 365 Security Report, that’s how.

What will an Audit Show You?

Basically, it will give you a detailed, yet user-friendly breakdown of what is happening in your Microsoft 365.

Things like:

  • Who is exposing you to risk because multi-factor authentication isn’t activated on their accounts?
  • Who has access to your emails?
  • Do you know if someone has granted themselves access to an area they shouldn’t have?
  • Have all leavers been totally removed from your systems? Are you sure?
  • Are your emails being forwarded on to someone else without your knowledge? (This is a key method used by cybercriminals, who can hide out in systems, watching and waiting for the ideal time to strike.
  • Are there any third-party apps linking into your system that shouldn’t be there?
  • Lots, lots more

What do you need to do to get a Security Audit?

Book a slot with us to run the Audit Report.

The Microsoft 365 Security Report obviously has to access your Microsoft 365, or it wouldn’t be able to report on anything.

So, to be able to do this, you’ll need to login to your Microsoft 365 system with a Global Admin account. The system can then get to work on getting the data for the audit.

You will be asked to login using your Microsoft 365 account details three times.

This is because Microsoft keeps the data in three different areas. Think of it like a secure physical unit with identity checks between each different room. You’d have to swipe your pass card to gain entry to each area.

The software will then get to work on creating your report, typically taking about 2-3 minutes depending on the amount of user accounts you have. It’s going to be bringing you a lot of information back, but it will let you know when it’s done.

Alternatively, if you don’t want to do this remotely, we can come out to you to help you to create the report. We can even run through what it all means with you then. 

Will you see my Microsoft Username & Password?

No, you simply need to give your details so the system can go in, interpret the data and create the report. You install the software on your private system, not from a cloud location.

Once the report has been generated, nothing is stored. If you want to run another report, you will need to enter your details again.

No changes are made to anything in your Microsoft 365 and if you have your M365 Audit Log activated, you will clearly be able to see this. You get to see exactly what the audit is doing each time it asks you to login. Nothing is hidden, and it will clearly tell you what information it is gathering.

So, You’ve got Your Report, What Next?

As this is a free report, obviously you have some entries in full, but others have been restricted. It does, however, reveal any glaringly obvious danger points that you need to address urgently.

Can I get the full Report?

Yes, of course. Just ask and we can provide you with the full audit report and run through it with you.

We can also show you the benefits of automated alerts for your Microsoft 365, so if any suspicious activity is spotted, you will know immediately, and action can be taken before any damage can be done.