If Microsoft 365 security feels very ad hoc and reactive to you today, stay tuned because in this blog I am going to show you a tool I built that allows you to scale your cybersecurity practice to focus on the preventative while also reducing your assessment time from hours or days to just minutes.
Existing Pain Points
I talk to many MSPs and IT professionals at companies and while there might be a wide range of maturity when it comes to their cybersecurity practice, there are many fundamental consistencies I hear:
- Security feels very ad hoc and individuals are looking for standardization. Many of us are following secure score but it doesn’t feel like that is mapping to best practices or compliance standards.
- Security assessments take hundreds of man hours and don’t feel scalable, especially with Microsoft changing their portal all of the time.
- Many of us are layering on tools that off “one-click resolution” for security but in reality that doesnt scale given the end user impact. We need heightened visibility to build out a continuous improvement plan for our customers that we can clearly articulate.
Getting an Assessment in Minutes
Today you might plan out a hundred our project just to collect all of the data you need to perform an assessment for a customer. This might be on initial onboarding or periodically as part of a bi-annual/quarterly review.
With CloudCapsule, you can connect a tenant and within seconds have data streaming back to the portal with an executive summary of the finds.
Mapping to Compliance Standards
Today you might be following secure score or your own “Microsoft 365 hardening checklist” but those methods usually don’t give you a sense of priority or impact when its comes to your overall security posture. For that reason, I like to align to a compliance standard like CIS or NIST CSF so that we have a higher level of guidance when it comes to our cyber hygiene, and can maximize our finite resource which is time.
CloudCapsule allows you to automate over 70 mappings to the CIS controls and the really cool part is that it allows you to actually see the evidence collected along with remediation steps and end-user notification templates. Back to one-click resolution, we want to clearly communicate the impact of the security settings we are turning on. Both to avoid disruption but also help the customer understand the why.
Augmenting the information
One thing Microsoft secure score doesn’t factor in is the obvious notion that we are not fulfilling all of our security controls with Microsoft solutions. We are often using 3rd party tools to manage our internal security. A great example is a 3rd party tool for backup and security awareness training.
Tracking this today can be very difficult and is often done manually in spreadsheets. Using CloudCapsule, you can augment the security controls with attestation based on 3rd party tools you leverage today. Here is a great example of leveraging this to help us fulfill cyber insurance essentials reporting. Annotations are recorded and persistent with you refreshing assessments.
Assumed risk selections can also be made across controls for compliance so that you can record and periodically review this risk over time. All of this allows you to have completeness in your assessments that you can review with your customer.
White-labeling the portal
On the reporting side, its extremely important you have proper collateral so that you can have these security conversations with your customer so that they understand the importance of a continuous improvement plan. For this reason, we allow you to white-label the platform with your branding to walk the customer through the report or generate an executive summary to share.
Generating Executive Summary
We all have executives or board members of a company that want to see the quick snapshot of the health of a tenant, what’s red, and what we are doing to fix it. CloudCapsule allows you to immediately generate an executive report that captures your branding and has the top level findings from the latest assessment. This is something that was taking MSPs roughly 4-6 manual hours per client to put together before having CloudCapsule.
Viewing Vulnerability information
Finally, outside of the baseline mappings, there are hundreds of data points we grab and present so that you don’t have to work your way across 6 admin portals for a client to see the security information you are looking for. This could include things like excessive privileged users to users not covered for MFA.
