The Inner Circle

 View Only
  • 1.  Office 365

    CSA Instructor
    Posted Aug 28, 2020 09:10:00 AM
    Hi
    Given the popularity of the service, it is no surprise that I see a lot of questions on guidance that is specific to Microsoft's Office 365 and associated services. 

    Is there a guide that will help people with the risk assessment and compliance of the product? Or even a Circle community that considers this in their charter? 

    BR

    ------------------------------
    Peter HJ van Eijk
    Cloud trainer
    ------------------------------


  • 2.  RE: Office 365

    Posted Aug 29, 2020 09:19:00 AM
    Hi
    Microsoft Security & Compliance Center is best place to see Office 365 scores, there are 3rd party products doing assessments too.

    ------------------------------
    Dipak Patel, CISSP
    Sr Security Architect
    W.R.Berkley Corp
    ------------------------------



  • 3.  RE: Office 365

    CSA Instructor
    Posted Sep 14, 2020 06:29:00 AM
    The UK NCSC (National Cyber Security Centre) has some elements: https://www.ncsc.gov.uk/blog-post/securing-office-365-with-better-configuration.

    ------------------------------
    Guillaume Boutisseau
    CCSK Authorized Instructor , CCSP
    ------------------------------



  • 4.  RE: Office 365

    Posted Sep 14, 2020 01:02:00 PM
    Hi Peter,

    CIS has Microsoft 365 benchmark which includes a good set of security baselines.
    The guide offers also means to audit the setting on a client tenant. For risk/compliance I also refer to the Microsoft Trust Center.

    Hope it helps

    ------------------------------
    Saan Vandendriessche CCSP | CISSP | CRISC
    Cyber Security Manager
    Deloitte
    Brussels
    ------------------------------