Cloud M365 Security

M365 Security Basics Logo

M365 Security Basics is the first CloudInsight™ offering that provides visibility into security settings for Azure Active Directory and O365/M365 tenants

29% of organizations had their Microsoft 365 accounts compromised by hackers in 2019
Barracuda Networks

92% of companies have their cloud service credentials for sale on the Dark Web

Common risks detected by M365 Security Basics

Compromised User Accounts

Accounts compromised and
unnoticed for up to a year

Unknown Users and Forwarders

Non-approved access or external forwarding of employee emails

Unapproved Email

Sign-ins from foreign countries, disabled mobile devices, and non-approved home computers

Insecure Protocols

Obsolete protocols enabled but not used leaving institutions open
to vulnerabilities

Unknown Use of
Sharing Tools

Employees commonly use SharePoint and One Drive, unbeknownst to
the institution

Targeted Phishing or
SPAM Attacks

Individual employees were being targeted without the knowledge of the institution

Designed for Community Banks and Credit Unions Who:

  • Have O365/M365 — Exchange Online, SharePoint, or OneDrive
  • Use Azure Active Directory
  • Store any non-public information (NPI) in the Cloud
  • Are unsure if their cloud tenant is secure
  • Need to increase visibility of potential security risks and indicators of compromise
  • Want access to specific data required by examiners and internal stakeholders

What do you get with M365 Security Basics?


A curated view of your most essential Microsoft cloud tenant settings, enabling you to identify risky security settings, monitor identity controls, ensure your configuration matches your institution’s information security policy, and demonstrate this to oversight bodies. Reports are organized into Summary versions for quick reference and Details versions for deeper dives.

  • Tenant Summary
  • User Summary
  • Mobile Device Mailbox Policy Details
  • Azure Device Details
  • Inbox Rule Details
  • Mailbox Permission Details
  • Client Access Details
  • User Details
  • Junk-Mail Configuration Details
  • Plan and Policy Details
  • Quarantined Email Details
  • Sign In Details

M365 Security Basics Sample Report
M365 Security Basics Sample Report
M365 Security Basics Sample Report
M365 Security Basics Sample Report

Alerting  (Add-on)

Notifications for the most common indicators of compromise in your Microsoft M365/O365 tenant. This curated set of alerts watches for the events that are linked to most instances of unauthorized access, especially business email compromise to provide the earliest possible warning of suspicious behavior. Alerts are organized into the following categories:

  • Azure AD Roles
  • Azure AD Sign Ins
  • OneDrive
  • SharePoint
  • Exchange Online

Quarterly Review  (Add-on)

This quarterly consultative engagement serves to provide a periodic objective review of recent reporting generated by M365 Security Basics Reporting, with the goal of advancing your understanding of your Microsoft M365/O365 tenant security. Each quarter, Safe Systems will review the most recent M365 Security Basics Reporting report and set a meeting to cover:

  • Ongoing education on fundamental M365 security concepts
  • Discussion of any observed anomalies on the report

Major cloud providers, like Microsoft Azure, will automatically enable new features, introducing security and compliance concerns for financial institutions. M365 Security Basics allow you to regularly monitor and review your configurations.

Frequently Asked Questions

M365 Security Basics FAQ

Microsoft spends millions of dollars every year keeping their platform and your data as safe as possible, but Azure is a robust platform with a huge feature set. The features you determine to use (or not use) will impact your security posture. Therefore, you must weigh each security setting against your institution’s risk assessment and risk appetite. Since an unacceptable risk for one institution may be a completely acceptable risk for another, the responsibility to configure and maintain the proper controls falls entirely on your institution.

Your vendor management process and due diligence work confirm Microsoft is following their processes to keep your data safe and secure; however, it does not address if you are taking advantage of security features Microsoft offers its customers.

Features and risks change over time. As Microsoft adds more features, they often add security options for these features. Therefore, your security posture needs to be evaluated regularly to ensure that you are taking advantage of the newest options, recommendations, etc.


This has been a very informative process for us and we look forward to more effectively managing our O365 environment.

Aaron Miller, IT Project Manager


I was surprised at how many easy fixes there were to make things exponentially more secure. I think all banks could benefit from knowing about and making some changes.



It was very eye-opening to see the number of unknown security issues we were exposed to by not having the right settings in place.



We found users’ settings that we were unaware of, and the report gave us actionable enhancements to implement.

VP of IT


Identified security functions we thought were in place, but found to be configured incorrectly.

VP of IT


Ready to get started?

M365 Security Basics was developed for community financial institutions by qualified engineers who hold dozens of certifications, including the Microsoft 365 Certified: Security Administrator Associate certification. We are confident that this offering will help you document and improve your cloud security posture.


CloudInsight™ is a new family of products that provides an array of reports and alerts customized for the financial services industry to enhance security awareness in the Cloud by identifying potential risks and common indicators of compromise.