Office 365 Security Assessments

Microsoft 365 Security Assessments

Microsoft 365 Security Assessment Services

Microsoft 365 (formerly Office 365) is an integrated experience of applications and services, designed to help an organization grow its business. Apps like Word, Excel, PowerPoint, and more are updated monthly with the latest features and security updates. Microsoft 365 uses cloud-based email to reach customers and coworkers, wherever work takes you. Whether it's internal collaboration in Teams, sharing and group editing files in OneDrive, or participating on client calls in Skype, the Microsoft 365 family of apps plays a vital role in the internal functions of thousands of organizations. But with this heightened dependence come increased security risks. Moving traditional office applications to a cloud-based service introduces risks in areas such as:

  • Accessibility and Access Controls
  • Messaging Security
  • Data Corruption and Security
  • Migration
  • Risk Mitigation

Our Security Assessment can identify weaknesses within the configuration, policies, and access controls of a Microsoft 365 environment. This process includes using tools such as the Microsoft Secure Score and Microsoft Baseline Security Analyzer, combined with observations and interviews to compile a matrix of risks and gaps. Compass IT Compliance also provides detailed remediation recommendations with links to the various configuration pages within Microsoft 365 where these settings can be applied. Our assessment includes a review of the local Active Directory system for common weaknesses in installation, configuration, policies, and object access control. Following the recommendations from this service will help to minimize the potential of a data breach or a compromised account.


  • Executive Summary Report - This report will provide a high-level overview of the assessment process, methodology used, and overall risk to the organization based on the results of the assessment
  • Microsoft 365 Detailed Control Matrix - This report will outline the controls contained within Microsoft 365 and what the organization is doing compared to these controls. Each control, if applicable, will provide a risk ranking as well as a remediation strategy to reduce the overall risk related to that control

Let Compass IT Compliance assist your organization in assessing any risks present through our Microsoft 365 Security Assessment so you can secure your Microsoft 365 environment, comply with regulatory compliance requirements, and save time, money, and resources in the process. Contact Us today to discuss your unique situation. Secure. Comply. Save.

Cybersecurity Blog Posts

Contact Us