SecurityRadar was launched in July to enable Microsoft Partners to use data-driven insights to proactively engage with your customers. Based on research over 4 million real SMB users, SecurityRadar is a collection of reports to enable 4 vital conversations that customers care the most about. This week’s SecurityRadar blog focuses on enabling partners with data-rich conversations related to access & permissions.
In cyber security, it is no surprise that access & permissions are a critical conversation zone. To use the house analogy, these represent the doors, locks, and keys. Any conversation on security is incomplete without the assurance of appropriate controls on who gets access, and how that access is safeguarded.
In the context of Microsoft 365, Access and Permissions seem straightforward to customers conceptually, but the partner burden is anything but straightforward. From an IT perspective, there are multiple security tools which must be used against multiple security targets, each of which may have different security options which must be managed via those various admin tools. Given all these permutations, preparing for a customer call access and permissions can easily become time-consuming and complex.
Microsoft 365 Access & Permissions
Security Targets
- Exchange Mailbox
- SharePoint
- Teams
- Devices
- More…
Security Admin Tools
- MS Partner Center
- M365 Admin Portal
- V AAD (Entra ID)
- Intune
- More…
Security Options
- M365 Licensing
- Conditional Access
- Policies
- V MFA
- Audit Logs
- More….
The Access & Permissions section with SecurityRadar seeks to reduce the partner burden. Like a “radar”, this set of reports is always listening to signals that point to Access & Permissions problems in each of your customers’ M365 tenants. And it boils them down to pointed conversations that you can then have with your customers.
An example of how SecurityRadar can facilitate customer calls is around access, especially Multi-Factor Authentication and Conditional Access Policies. These are 2 of the most familiar security options to customers, however to customers, they are often synonymous with end-user inconvenience, and they are often reluctant to discuss the risks and benefits of these security measures.
The “Get Microsoft 365 MFA Status Report” is one of the most popular and powerful reports our partners use to be fully prepared with insights around the following questions with your customers:
- MFA: Is MFA not enabled for any users? What is the reason and remediation?
- Conditional Access Policies: Are there any security options which can prevent a user logging in from unapproved networks or locations?
Regarding Conditional Access Policies, while it’s security best practice to prohibit end-user logins from abnormal or unsafe networks or times of day, you can also make it easier for them to access approved networks, which goes a long way with your customers satisfaction in your security practice.
By now, most people know that MFA is now one of most important security policies to implement. So why do only 28% of SMB’s have this fully implemented? The problem lies in complexity, capacity (manual work), and the cost of orchestration. The value of Security Radar’s reporting is that it removes most of these burdens. Additionally, this report can be pivoted to review all customers quickly for the basic statistics for MFA and CAP being enabled, by customer, all in 1 report. This report can be automated on a schedule, to regularly inform you if any of your customers require attention.
Another example is the topic of M365 licensing, which is already known to be a great entry path to get a customer conversation scheduled because of the commonly understood potential cost savings on user licenses. But this can really be a conversation about permissions, as there is much more potential value to unlock for this conversation when you have a SecurityRadar view with Security Manager.
One of the key reports for M365 licenses is the “Get Assigned Licenses Report”, which can make the following topics easy to discuss with customers:
- Licensing: Does the customer have the right M365 licensing to allow for their industry-standard baseline Microsoft Secure Score?
- Enabled Services: How many of the security options available to end users indeed configured correctly and active?
- Disabled Services: Which specific security settings are they paying for which are not enabled?
These topics are examples of hidden value you can convey in Security conversations when you have access to the data provided by SecurityRadar reports. M365 Licensing is an appealing periodic review topic for customers, as it can lead to both cost savings as well as empowering them to make sure all end users have the appropriate security licensing for their role, location, and risk level. Having a visual which lists the details about not just what license someone has, but what security options have been configured based on that licensing, allows you to convey the work that will be involved to take full advantage of the licensing they have. Finally, reviewing the detailed list of user-specific disabled security settings allows you to have a meaningful discussion on whether those settings should be enabled to enhance security, or if this user is actually over-licensed and there is an opportunity for them to save money on M365 licensing for those users.
And remember, these are just a few of the 59 (and growing) valuable reports which make up SecurityRadar.
These reports are why SkyKick’s Security Manager is being referred to by our partners as SecurityRadar. Access & permissions is just one of the 4 areas of this reporting capability which enables you to be prepared and confident for a productive customer conversation, with an existing or prospective security customer, using SecurityRadar’s data-driven insights.
Footnote
SkyKick has attained global ISO 27001 certification and is trusted by thousands of Microsoft Partners use SecurityRadar to manage over 3.6 million users…and growing.
SkyKick continues to add features to their Security Manager platform to keep up with evolving threats and best practices. As of July 2023, Security Manager now has over 45 workflows regarding Foundational Security Insights, twice the security-related workflows out of the box compared to the beginning of 2023.
SkyKick takes the security of our partners’ and their customers’ data seriously. This growth demonstrates SkyKick’s ongoing commitment to be at the forefront of global security for our Partners and their customers.