Identity & Access Management Assessment 4 Weeks

This review will be focused on identifying any vulnerabilities, exposures, insecure default settings, weak/missing security features, and adherence to industry standard guidance and best practices.

Avertium will conduct a Microsoft Entra ID assessment which will be focused on the following components

• Domain Trusts and Federation Relationships
• Overall Active Directory (AD) and Organizational Unit (OU) structure
• Role-Based Access Controls (RBAC) and user rights assignment
• Authentication protocols
• MFA / SSO
• Auditing / Logging
• Password Policies
• Group Policy Objects (GPOs)
• Service Accounts
• Active and inactive user accounts and group membership

Benefits

• Ensure granular access to applications and datastores
• Facilitate zero trust adoption
• Seamless 3rd party SaaS integration
• Tight integrations with Microsoft Sentinel & Microsoft Defender
• Adoption of modern authentication controls
• Phishing resistant MFA
• Passwordless authentication
• Privileged Identity Management

Deliverables

• Executive Summary
• Gap Analysis
• Privilegd Identity Management

Avertium is a nationally recognized cybersecurity and compliance company that has been providing security, risk, and compliance services to the healthcare industry for more than 20 years. By fusing maturity assessments, technology, and an army of experts who hold over 400 certifications in virtually every compliance framework, Avertium streamlines processes, removes the burden from your internal teams, and transforms compliance requirements into a cyber maturity roadmap.