THIS PROJECT IS SECURE AND IS INTENTIONALLY UNPUBLISHED, PLEASE DO NOT PUBLISH.
Microsoft have recommended options and configurations to improve the security for M365. A number of initiatives have already been put in place, one of which - to enable Multi Factor Authentication for the University - is already underway. There is however a need to further explore Microsoft’s recommendations through a project to ensure the security of this key service moving forward.
External engagement to advise and design on:
- de-complexifying our mail relaying, moving antivirus and spam detection from onsite services to MS365 Defender. This will allow us to rationalise a lot of very old infrastructure to provide a better, more manageable service
- leveraging the capabilities in the MS365 Defender suite to improve security, including optimising the antivirus/spam protection
The project will also look at options for reducing the use of functionals for purely MS365 functions that might be delivered another way. This will include shared mailboxes, PowerBI/PowerApps authorisation, resource calendars, App to App authentication/integration. This will include new service models (where appropriate) and migration paths but is unlikely to migrate pre-existing setups unless a bulk migration path is identified. Another aspect of the scope is to look at agreeing and documenting processes for MS365 security actions, including the management of malicious files.