Customer Portal
GET IN TOUCH

Microsoft 365 Security Audit & Design Package

Our Microsoft 365 Security Audit & Design Package gives you a direct, expert review of your tenant against CIS and NIST best practices. You’ll receive a clear, actionable report highlighting where to improve, plus a ready to implement design for strengthening your Microsoft 365 security posture.

Your engagement ends with a walkthrough call to explain the findings, answer your questions, and ensure you’re confident in your next steps.

This package is ideal for IT leaders rolling out Intune, Defender, Conditional Access or tenant wide hardening policies—giving you expert guidance without the steep learning curve.

What You Get
Expert Security</br> Audit

Expert Security
Audit

Full review of your Microsoft 365 tenant

Assessment aligned to CIS & NIST standards

Actionable Findings</br> & Design

Actionable Findings
& Design

Clear report with prioritised improvements

Detailed security design ready for immediate implementation

Personalised</br> Walkthrough

Personalised
Walkthrough

Review call to discuss all findings

Q&A with a Microsoft 365 specialist

Built for IT </br> Leaders

Built for IT
Leaders

Supports Intune, Defender, Conditional Access & Zero Trust rollout

Reduces complexity and builds deployment confidence

Ready for IT that’s built for your business?

What’s Included in the Audit & Design Document

Here is a summary of the core areas covered (your actual report includes further detail):

  • Password & authentication method policies
  • Privacy and organisational settings
  • Integrated apps & user owned app restrictions
  • SSPR settings
  • External collaboration & guest access
  • Role based access control & Global Admin checks
  • Break glass setup
  • Directory and sign in experience configuration
  • Entra join & registration
  • Local admin controls
  • Intune compliance and configuration (Android/iOS/macOS/Windows)
  • Corporate/BYOD management
  • Endpoint protection (BitLocker, Secure Boot, Defender, firewall)
  • Autopilot provisioning
  • MFA, legacy auth, session controls
  • Trusted locations
  • Policy overlaps and security defaults
  • Logging & analytics
  • App approval process
  • Teams/Forms/Sway configuration
  • Enterprise app consent
  • SharePoint/OneDrive external sharing policies
  • Blocking external storage providers
  • Microsoft Fabric governance
  • Defender threat protection policies
  • Anti spam/anti malware configuration
  • SPF, DKIM, DMARC
  • Retention policies
  • Sensitivity labels
  • DLP & encryption
  • External sharing governance
  • Log Analytics configuration
  • Alerting for privileged accounts
  • Compliance notifications
  • Licence review (e.g., Business Premium standardisation)
  • Least privilege best practice mapping
  • Onboarding configuration and Intune integration
  • EDR, tamper protection & security baselines
  • Antivirus, firewall, ASR & device control policy review
  • Alerting, vulnerabilities and threat analytics

Why Cybersecurity is About "What You Know"

Knowing the vulnerabilities in your system allows you to take immediate action before threats can exploit them. It’s the unknown risks that put your business at the greatest risk.

  • Entra join & registration
  • Local admin controls
  • Intune compliance and configuration (Android/iOS/macOS/Windows)
  • Corporate/BYOD management
  • Endpoint protection (BitLocker, Secure Boot, Defender, firewall)
  • Autopilot provisioning
  • MFA, legacy auth, session controls
  • Trusted locations
  • Policy overlaps and security defaults
  • Logging & analytics
  • App approval process
  • Teams/Forms/Sway configuration
  • Enterprise app consent
  • SharePoint/OneDrive external sharing policies
  • Blocking external storage providers
  • Microsoft Fabric governance
Price

£1,500 fixed fee

Book a call to review an example report
Download Sample Report
Request your Microsoft 365 Security Audit
Customer case studies/ testimonials:
Because of the nature of the information we deal with, we wanted a third party audit to ensure we were meeting all relevant security best practices. Circle Cloud’s specialism in Microsoft 365 security made them a perfect choice.

The audit was extremely thorough, but it was the remediation guidance that set it apart. It was detailed enough for us to pass straight to our incumbent IT provider, who were able to action the recommendations and improve our security position.
Matthew CallaghanHead of Technology, Broker Insights
Circle Cloud’s Office 365 security audit catered for every aspect of our brief. The report gave us a clear picture of our security position, highlighted areas of good practice, and mapped out detailed next steps aligned to our IT strategy.

What stood out was how well the documentation worked for both technical and non technical audiences. Based on the accuracy, value for money and attentiveness of the team, we’ve now adopted Circle Cloud as our external consultant for Microsoft cloud technologies.
Ian BurnsIT Services Manager, Waterton Academy Trust
Circle Cloud were engaged for a time sensitive tenant to tenant migration following a business separation. They handled the movement of users, mailboxes, Teams, SharePoint and permissions with minimal disruption to end users.

After the migration, Circle Cloud audited the new tenant to ensure current security recommendations were in place and any potential improvements were adopted. Their ability to deliver a secure, seamless transition was excellent.
John PainterIT Systems & Development Manager, Denbury Homes

Subscribe To Our Newsletter Today?

Find Out More