Microsoft Azure and MS 365 Security Technologies & Cloud Security Benchmark - NETSEC


Learning, Sharing, Creating

Cybersecurity Memo

Sunday, November 12, 2023

Microsoft Azure and MS 365 Security Technologies & Cloud Security Benchmark

This post is to summarize the configuration to make your MS 365 and Azure secure.

MS 365

Checking User's Logs
1. Check  View Account page from , then check My Sign-Ins
2. From -> Monitoring & health -> Sign-in logs
3. Reports -> Usage

1. From portal , then Users - Active Users - Multi-factor authentication

Security Benchmark

The CIS Microsoft Azure Foundations Benchmark is the security guidance provided by Center for Internet Security for establishing a secure baseline configuration for Azure. The scope of the benchmark is to establish the foundation level of security while adopting Azure Cloud. This benchmark is in alignment with the Azure Security Benchmark v2.

MS provide a mapping between the CIS Microsoft Azure Foundations Benchmark latest version v1.3.0 and Azure Security Benchmark v2. This will help you to understand how the recommendations for both benchmarks are aligned. You can download the complete mapping here.

Mapping between ASB and CIS Benchmark

Azure Security Technologies

EMS - Licensing Details  - E3 vs E5

Enterprise Mobility and Security = EMS
If you do not wish to make the step to Microsoft 365 E5 but want the security capabilities, then there is a security addon (‘Microsoft 365 E5 Security’ addon) that you can purchase on top of Microsoft 365 E3 that comes with the E5 security features across Office 365, EMS and Windows 10.

Another feature comparing between EMS E3 vs E5

The Complete Office 365 and Microsoft 365 Licensing Comparison


Threat Protection

  • Exchange Online Protection
  • Office 365 Advanced Threat Protection (Protection for email, Office clients, Sharepoint Online, OneDrive for Business, Microsoft Teams)
  • Office 365 Threat Intelligence (from user accounts, Attacks, Phishing, Enterprise security, System updates, Denial of service, Spam, User log-ins, Malware, Device Log-ins, Data Encryption, Unauthorized data access, MFA)

Information Protection

  • Data Loss Prevention
  • Office Message Encryption
Security Management
  • Security & Compliance Center
  • Microsoft Cloud App Security
  • Secure Score
Compliance Solutions

  • Advanced Data Governance (enables customers to achieve organizational compliance by intelligently leveraging machine assisted insights to find, import, classify, set policy and take actions on the data that is most important to them)
  • Advanced eDiscovery
  • Compliance Manager - GDPR-Compliance Manager Tool
  • Customer Lockbox
  • Secure Assurance

Other Security Tools

  • CASB
  • SIEM
  • MDR

Azure Security Features:

Office Malicious Content Detection



No comments:

Post a Comment