I will review and assess your microsoft 365 security configuration
Bridging the Gap Between Vision and Technology
About this Gig
Is your Microsoft 365 environment actually secure or just set up?
Most small businesses configure Microsoft 365 to get email and collaboration running, not to optimize security. Default settings leave gaps in MFA configuration, admin role assignments, and email protection that can expose your organization.
I conduct a structured remote review of your M365 tenant and deliver a written findings report that tells you exactly what is configured correctly, what is missing, and what to address first.
What I review:
- Multi-factor authentication (MFA) status and enrollment
- Admin role assignments and privileged access
- Microsoft Secure Score baseline (your tenant's built-in security health rating) and key contributing factors
- Email security: anti-spam, anti-phishing, and safe links policies
- External sharing and guest access settings
- Basic conditional access policies (where your license supports them)
What you receive:
- Written findings report in plain language
- Prioritized action list: High / Medium / Low
- 30-minute debrief call (Standard and Premium packages)
This service is a configuration review and advisory engagement. It does not include hands-on remediation, penetration testing, or active.
Cloud provider:
Microsoft Azure
Expertise:
Installation
•
Backup
•
Migration
•
Configuration
•
Performance
Cloud computing resource:
EC2
•
Azure App Service
•
Azure Functions
FAQ
Do you need admin access to my Microsoft 365 tenant?
For a full review, read-only Global Reader or Security Reader access is required. I provide clear instructions for granting this after you order. No changes are made to your environment without your explicit approval.
What Microsoft 365 plans do you support?
Business Basic, Business Standard, Business Premium, and most E3/E5 configurations. The depth of review depends on your licensed features.
Is this a penetration test?
No. This is a configuration review — I evaluate settings and policies, not active exploits, password attacks, or network scans.
What if I need someone to fix the issues?
Remediation is available as a separate engagement. Most clients start with the review, understand what needs to be addressed, and then decide how to proceed.
What counts as a revision?
A revision is a request to clarify, correct, or reword findings already covered in the delivered report. Requests to review additional settings, areas, or systems not included in the original assessment are outside the scope of this revision and would require a new order or separate engagement.
