The M365 compliance feature will primarily focus on establishing a baseline of security standards for an M365 environment leveraging known Industry Security Standards (CIS Benchmark) for M365. The M365 Security Module will provide Infocyte the ability to score and grade an M365 environment with a Risk Score, identify issues and highlight recommended remediation steps.
The following services will be covered within Infocyte’s M365 Security Model:
- - Exchange Online
- - SharePoint Online
- - Skype & Teams
- - Azure Active Directory
- - inTune
Scanning the O365 Environment
Navigate to: Discover --) Compliance --) Select the environment from the query list's action menu
Compliance scans are started from the main compliance list on the discover tab.
The scan option will be found in the action menu next to individual lines on the query list.
Clicking the scan option will start a new running task in the task drop down menu.
A running task will be updated to completed status once scan has finished.
More details on the scan progress can be viewed by clicking the task item from the task list.
The summary screen will show, “no results available”, but clicking the items tab, and clicking the name link in the list that was displayed, allows you to view the “heartbeats” similar to a scan.
Failure messages for this scan will also be displayed on this screen.
The Scoring and the Results of your compliance Scan.
Navigate to: Analyze --) Compliance
Once a scan has been completed the results will be found on the analyze tab under the cloud section on the left.
The compliance results list is sorted by scan date, The scan name links to individual scan details.
Microsoft Graph API is queried to pull information from the following routes for a given domain:
v1.0/security/secureScores
v1.0/users
v1.0/organization
v1.0/domains
v1.0/users/${userId}/mailFolders/inbox/messagerules
The scoring results for a given item will ignore the “total count” (e.g. 50 out of 100 hosts have mfa enabled), and provide a pass or fail based on if the setting is enabled.
Guidance on remediation of items not in compliance can be displayed via tha action menu found on the right hand side of each individual result line.
Next Article : M365 Compliance FAQ
Comments
0 comments
Please sign in to leave a comment.