Articles in this section

Microsoft 365 Compliance - Scanning and Reviewing the results.

Avatar
Chris Mills
  • Updated
Follow

The M365 compliance feature will primarily focus on establishing a baseline of security standards for an M365 environment leveraging known Industry Security Standards (CIS Benchmark) for M365. The M365 Security Module will provide Infocyte the ability to score and grade an M365 environment with a Risk Score, identify issues and highlight recommended remediation steps.

The following services will be covered within Infocyte’s M365 Security Model:

  • - Exchange Online
  • - SharePoint Online
  • - Skype & Teams
  • - Azure Active Directory
  • - inTune

Scanning the O365 Environment

Navigate to: Discover --) Compliance --) Select the environment from the query list's action menu

Compliance scans are started from the main compliance list on the discover tab.

The scan option will be found in the action menu next to individual lines on the query list.

mceclip0.png

Clicking the scan option will start a new running task in the task drop down menu.

A running task will be updated to completed status once scan has finished.

More details on the scan progress can be viewed by clicking the task item from the task list.

The summary screen will show, “no results available”, but clicking the items tab, and clicking the name link in the list that was displayed, allows you to view the “heartbeats” similar to a scan.

Failure messages for this scan will also be displayed on this screen.

mceclip1.png

mceclip2.png

 

 

The Scoring and the Results of your compliance Scan.

Navigate to: Analyze --) Compliance 

Once a scan has been completed the results will be found on the analyze tab under the cloud section on the left.

The compliance results list is sorted by scan date, The scan name links to individual scan details.

Microsoft Graph API is queried to pull information from the following routes for a given domain:

v1.0/security/secureScores

v1.0/users

v1.0/organization

v1.0/domains

v1.0/users/${userId}/mailFolders/inbox/messagerules

The scoring results for a given item will ignore the “total count” (e.g. 50 out of 100 hosts have mfa enabled), and provide a pass or fail based on if the setting is enabled.

Guidance on remediation of items not in compliance can be displayed  via tha action menu found on the right hand side of each individual result line.

 

Next Article : M365 Compliance FAQ

 

Related articles

Comments

0 comments

Please sign in to leave a comment.