And how is security governed and configured in your company’s Office 365 platform?
Like many cloud services, the Microsoft 365 Enterprise (formerly Office 365) core value proposition is also
the security challenge. “Office 365 and Microsoft 365 Apps enables you to create, share, and collaborate
from anywhere on any device with a cloud-based suite of productivity apps and services.” 1 Extending the
challenge further, all of the related data is centrally stored in OneDrive, which Microsoft describes as
providing the ability to “access files from any device, at any time.” 1Even if your enterprise is not operating on Microsoft 365, no doubt a large percentage of your vendors are. Correct security configuration and operation of Microsoft 365 by you and your third parties is critical to protecting your risk interests.
To aid you in assessing the security of Microsoft 365 deployments in your own organization and by
your third-party providers, RiskRecon has developed the Microsoft 365 Enterprise Assessment Playbook.
This Playbook provides a step-by-step methodology for assessing the quality of the essential security
configurations of any Microsoft 365 Enterprise deployment.
Here you will find essential Microsoft 365 security assessment security criteria, explanations of the
importance of each criteria, how to gather related evidence, and what proper configuration looks like.
RiskRecon’s Microsoft 365 Security Assessment Questionnaire accompanies this Playbook, providing you
tools to assess the security of third-party deployment.
Third-party security assessments founded on objective evidence are the most effective way to achieve good risk outcomes. This Microsoft 365 Third-Party Assessment Playbook and the accompanying Questionnaire do just that – they help you achieve better risk outcomes by providing you the knowledge and tools for objectively assessing the security quality of any Microsoft 365 deployment.