Crayon Cloud Security Assessment: 3-Wk Assessment

Crayon Cloud Security Assessment helps all customers using Microsoft 365 and Microsoft Azure understanding their business risks and exposure to cyberthreats. Through a data-driven evaluation and analysis, Crayon provides prioritized remediation and recommendations for a safer innovation in Microsoft clouds.

Crayon Cloud Security Assessment enables you to:

• Get a documented understanding of your current security maturity and posture
• Progress with confidence in your Zero Trust journey following achievable and prioritized steps
• Innovate safely with full confidence in your cloud security posture
• Gain business stakeholders to support your efforts
• Achieve compliance across all relevant security standards

Data Collection

• Extensive scans and data collection from your Microsoft 365 and Microsoft Azure estate
• An in-depth guided interview with your IT organization, collecting organizational, process and awareness key information
• All gathered data remains within your Microsoft Azure tenant

Data Driven Analysis

• The gathered data is consolidated and analyzed by Crayon security experts following the CIS Controls v8 to prioritize your Zero Trust journey and have the greatest impact on risk reduction based on current threats
• Your current Microsoft 365 and Microsoft Azure security posture is being assessed
• A roadmap is built, addressing the most critical and actionable remediation, while paving the way to your Zero Trust journey

Crayon Cloud Security Assessment Report

• An executive summary on the company’s security maturity and the necessary initiatives towards a stronger security posture
• Crayon’s prioritized actions and recommendations, articulated around an actionable short and mid-term roadmap
• Identified critical technical weaknesses (Microsoft365 & Microsoft Azure, Endpoints)

Scope

OS:

• version, supported or not supported by security updates, End of Life

Devices:

• Microsoft Intune list, inactive devices, active devices
• Missing security updates on endpoints
• Manually flagged endpoints
• Bitlocker disabled on how many devices
• Firewalls status

Applications:

• Installed applications on endpoints, version, risk level

User accounts:

• Admin account, amounts and types (both Microsoft AAD and AD), MFA level
• Enabled and disabled accounts, inactive accounts (30 and 90 days)
• Microsoft AAD external users, users without MFA, total enabled users

Endpoint security level (spec. services):

• PowerShell exe level, RDP level, SMB level
• Antivirus overview

Email protection:

• SPF, DKIM and DMARC records

Microsoft365:

• Potential PII data based on customer and consultant PII word list, Microsoft365 Secure Score
• Microsoft SharePoint external document sharing based on PII listing

Microsoft Azure resources:

• Azure Storage account security level (TLS, unencrypted sharing, SMB level)
• Azure SQL transparent encryption level
• Azure Secure Score
• Azure NSG rules
• Azure Secure Score