My CTO Logo
  • Mobile: 07899 955559
  • Phone: 07899 955559
  • Email: ask@mycto.co.uk
Technology News

Tech News

NEWS HOME

FREE Microsoft 365 Security Audit

NEWS HEADLINE IMAGE

FREE Microsoft 365 Security Audit

Microsoft 365 is the number one Email and productivity platform for businesses of all sizes, and an extremely appealing target for attackers!

“The main concern for all businesses when moving their data and services to the Cloud is security.”

If your business is using Microsoft Office 365, My CTO are pleased to now offer any business, for FREE, an “eight-point Security Audit” of your Microsoft 365 installation which will flag any potential security vulnerabilities.

We will also provide you with a free report post audit. This has a simple traffic light system to help quickly identify where your security needs attention.

Our 8 Point Check includes:

Email SecurityTo identify if your mailboxes are lacking sufficient protection and if they are at risk for Phishing, Malware attacks or other types of Social fraud. As clever as Microsoft 365 is, it cannot do everything perfectly! Basic Spam filtering just does not cut the mustard these days and a layered approach to security should be taken. The latest Advanced Threat Protection is a must.

EncryptionDoes your configuration have the capability of encrypting confidential information enabled or protected by a 3rd party application. A lack of Email encryption isn’t necessarily a vulnerability. However, do you transmit sensitive data? This can lead to complications should emails be intercepted or forwarded into the wrong hands.

Web Protectionwe check if you have sufficient Web Protection in place to monitor inbound and outbound traffic for suspicious activity. Suspicious web traffic can often be a sign of a compromised system. Data could be being syphoned out of the business. Your machines may be used as a “Node” for hackers to compromise other systems – internally or externally.

Admin Account SummaryOur audit will analyse what administrator accounts exist in your Microsoft 365 installation and the roles and users assigned. Best practice is to NOT use your user account for “Global” administration rights, especially if Multi-Factor Authentication is not enforced.

User ReportSystem users are one of your main vulnerabilities and most breaches or cyberattacks begin here. We identify your active user accounts. We check how secure their access is by reporting on password policy and the use of Multi-Factor Authentication*

Mailbox ReportHow many Active/Inactive mailboxes do you have? We audit and report a list of mailboxes, the type and when last accessed and who has access. We identify if basic or advanced auditing is enabled which help monitor mailboxes for suspicious activity and prevent malicious actors.

Forwarding RulesOne method of identifying if a mailbox has been compromised is to review any forwarding rules which have been set up. These rules could be forwarding business email out of your company to hackers or even to employee’s personal accounts. This can often be done out of convenience if not maliciously. Suspicious or risky rules can be evaluated and disabled immediately if required.

Inbox Rules SummaryA common tactic used by Cyber Attackers, inbox rules to “Delete”, “Move” or “Forward” help to cover up suspicious activity and avoid detection. Our audit will identify ALL Inbox rules currently configured and a description of the rule function. This will enable you to quickly analyse the intended purposes and take mitigating action if required.

If you want to take advantage of this amazing offer, please email steve.atkins@mycto.co.uk or call 01621850007 / 07899 955559 to arrange.

My CTO Ltd is an IT Consultancy in Essex providing advice on Cyber Security and General IT requirements, IT solutions and IT support in Essex, London, and South East for businesses. If you have an IT requirement, want to change your providers, or even just get a second opinion, please get in contact ask@mycto.co.uk 

*Multi-Factor Authentication is a layer of protection provided by using something you have as well as your password to access. For example your mobile device can be used to receive a SMS or approve via an App.