SPECIALIZED SERVICE

Microsoft 365
Assessment

A strategic and technical assessment designed to evaluate and enhance your Microsoft 365 environment - aligning productivity, collaboration, and security under a unified governance model.

Request an Assessment

Unlock Hidden Value in Your M365 Investment

Most organizations already have powerful security and collaboration tools built into their Microsoft 365 licenses - they just don't know how to use them effectively.

Our assessment reconnects your business needs with the capabilities you're already paying for, while identifying cost-effective add-ons that can facilitate your organization's goals at a reasonable cost.

95%

of organizations underutilize their M365 security features

Assessment Goals

1

Cost-Effective Licensing

Understand M365 licensing that most cost-effectively supports your infrastructure, security, and compliance needs.

2

Security Baseline

Build a security baseline leveraging licensed capabilities that protects organizational assets using recognized industry benchmarks.

3

Deployment Assistance

Assist in deploying key capabilities provided by your chosen M365 licenses for immediate value realization.

Our Approach

1

Assessment Interview

A collaborative discovery session that reconnects your current state with what you're trying to achieve. We determine recommended M365 licensing based on:

  • Client business needs - Understanding your operational requirements, workflow priorities, and what tools you're currently using to accomplish organizational goals
  • Desired secure state - Identifying the security posture that aligns with your risk tolerance and fits your organization's shape and size
  • Compliance and regulatory requirements - Where applicable, ensuring adherence to industry standards

"We'll suggest built-in tools and capabilities that can be leveraged, immediately, to security your environment"

2

M365 Licensing Assessment

Determine recommended M365 licensing based on:

  • Client business needs
  • Desired secure state

Written Summary Report Features:

  • Business outcomes based on license level
  • Cost/benefit analysis
  • Clear recommendations and next steps
3

M365 Deployment Assistance

After license selection, CR1 assists in deploying licensed features to improve organizational operations and security. We work collaboratively with your team to ensure smooth implementation with minimal disruption.

Our Deployment Process:

  • Collaborative policy creation between CR1 and client resources based on security recommendations and business need
  • Collaborative deployment to test/pilot groups for validation
  • Monitoring and support to ensure correct application, effect, and remediation of any issues

Common Policy/Change Deployments Include:

Email encryption for external senders
SharePoint/OneDrive external sharing controls
Web session timeout configuration
Intune-managed mobile device access via Outlook
Office 365 access limited to managed endpoints
Endpoint compliance policies with threat protection
Comprehensive Windows Security Baseline
EDR/antimalware, disk encryption, firewall
Attack surface reduction rules
Anti-phishing, anti-spam, anti-malware policies
LAPS & Endpoint Privilege Management

Additional Support Services:

  • Audit report creation: User interaction with sites, folders, and documents
  • Security alert creation: Compromised users, phishing emails, suspicious insider activity, and data exfiltration
4

M365 Platform Assessment

CR1 will perform a comprehensive security assessment of your M365 environment. This assessment provides guidance on aligning with recommended best practices that support your business goals and objectives.

Industry-standard benchmarks ensure your M365 environment meets recognized security baselines while remaining practical for your organization.

5

Findings Documentation

Development of comprehensive findings documentation and reports that clearly communicate security gaps, licensing optimization opportunities, and actionable recommendations.

6

Findings Presentation

Interactive presentation of findings to your leadership and technical teams, ensuring everyone understands the current state, risks, and prioritized roadmap for improvement.

Assessment Scope

Assessment benchmark controls are broken down into the following general domains, providing comprehensive coverage of your M365 security posture:

Administrative Accounts

Privileged access controls and admin role management

Application Permissions

OAuth grants and app access governance

Auditing

Logging, monitoring, and compliance tracking

Azure AD/Entra

Identity and access management configuration

Data Management

Information protection and data governance

Email Security

Exchange Online protection and anti-phishing

Mail Transport Rules

Exchange Online routing and policy enforcement

Mobile Device Management

Intune policies and device compliance

Storage

SharePoint, OneDrive, and Teams data security

What Our Clients Value Most

Real insights from CISOs and security leaders who've experienced our M365 Assessment process.

Clarity Without Alarmism

"Security posture clarity without the fear factor."

We help executives understand where they truly stand relative to peers without hype, shame, or false urgency. Our assessments establish a credible baseline and frame security maturity as a journey of improvement, not a pass/fail judgment.

Actionable Benchmarks

"Benchmarks you can actually use."

We translate industry benchmarks into practical, organization-specific roadmaps. By separating low-risk foundational controls from high-impact ones, we help teams raise security maturity quickly-without breaking workflows.

Licensing Optimization

"Know what you already own-and how to use it."

Many organizations are already paying for powerful security capabilities they haven't unlocked. We demystify complex licensing and ensure clients get full value from existing investments before recommending additional spend.

Platform Complexity Made Simple

"Microsoft security, made intelligible."

We bridge the gap between Microsoft's vast security ecosystem and real-world operations. From Defender to Purview to Entra, we explain how the pieces fit together, what matters now, and what can wait.

A Partner, Not Just a Report

"Not just findings-forward motion."

We don't stop at assessment. We help clients translate insights into deployment plans, role clarity, and phased execution - so recommendations turn into real-world security gains.

Progress You Can Prove

"Security improvement you can measure - and show."

By aligning benchmark scores with platform metrics like Microsoft Defender Secure Score, we give leadership clear, defensible evidence of progress over time - not just technical changes, but measurable risk reduction.

💡

Real CISO Feedback

"This assessment answered about 10 questions I'd been carrying around. Learning we already had enterprise-grade EDR/XDR without needing more licenses was one of the highest-value moments. The timing was perfect-it landed exactly when we needed clarity to move forward."

- CISO, Recent M365 Assessment Client

Ready to Optimize Your M365 Environment?

Stop overpaying for unused licenses and close security gaps. Let's build a cost-effective, secure M365 foundation together.

Request an Assessment Learn More About M365 Services