Information security consulting

Microsoft Secure Score

Microsoft 365 already measures your organisation’s security level, which can be compared with other similar environments. Together with a Tietokeskus consultant, we review the service status and identify development areas step by step.

Low-hanging fruit and easy ways to improve security

• After a quick analysis, we prepare a plan for how to improve your security level within your current licence framework
• A clear, easy-to-follow path to stronger security – with steps taken in the right orde

Comprehensive staff training ensures that today’s minimum security requirements are met. Our training sessions are thought-provoking and offer valuable refreshers even for seasoned professionals.

All sessions are delivered by experienced security consultants certified as Microsoft Certified Trainers (MCT).

Topics include:

• The current state of information security
• Identities and identity management
• Phishing, scams and social engineering
• How to recognize and act in security situations
• Social media, artificial intelligence, passwords and much more!

Tietokeskus consultants can assess your staff’s information security awareness by testing them with realistic but safely executed simulated attacks.

We target users with different types of phishing emails, links, and other tactics used by real attackers. A comprehensive report shows how many users were tricked, which is reviewed with the designated audience.

The collected data is then used to improve end-user training and strengthen security measures.

Multi-factor authentication requires users to verify their identity in several steps, preventing outsiders from exploiting stolen credentials.

As part of this, we also introduce passwordless sign-in. Without it, everything depends on the employee’s password (which, for some reason, is still often “password123”).

Ensure that every employee in your organisation follows secure working practices.

In a joint workshop, we create a security policy that meets your organisation’s needs and ensures careful handling of data and systems. We also provide guidance for staff to follow it.

Let’s design an annual security roadmap together.

Microsoft 365 provides built-in metrics (Secure Score) for security, which adapts to all licence levels. This allows us to measure improvements and ensure that the right actions are taken.

• Flexible – you pay only for the work carried out.
• No fixed monthly fees.
• We propose improvement measures and monitor their implementation.

Comprehensive vulnerability scanning and reporting of your environment identifies and highlights critical weaknesses. All network-connected devices, including those visible on the public internet, can be scanned.

Network vulnerabilities: Identifies open ports, weak encryption, and misconfigured services.

Device vulnerabilities: Detects outdated software, missing updates, and known OS and application vulnerabilities.

Reporting: Detailed reports with discovered vulnerabilities, criticality levels, and recommended actions.

A clear overview of your applications, their functions and importance is a vital part of modern information management. Who is responsible for the application, who is the main administrator, and who pays the bill?

Mapping helps identify dependencies between different systems

• Conducted through key person interviews, either onsite or remotely.
• Based on the interviews, we map out application dependencies and list detailed information in a separate document.
• Provides a strong foundation for future audits.
• Establishes criteria for assessing fault tolerance and recovery capability in technical security audits.

As a result, your organisation will have a clear understanding of your application landscape and all applications in use.

Helps identify potential security vulnerabilities, misconfigurations, and areas for development within your Microsoft 365 environment before they become a risk to your business. Suitable for companies of all sizes, this assessment provides your business with a clear picture of its current security posture, along with recommendations for improvement.

What the security assessment includes:

• A remote assessment that requires no special actions or additional licenses from the customer.
• An analysis of the Microsoft 365 environment’s security settings, access rights, protection solutions, and policies.
• A clear report detailing identified risks, development areas, and recommendations to enhance the environment’s security.
• A joint review of the results with the customer. During this session, a shared action plan is created to prioritize the most critical development steps.

The Microsoft 365 Security Assessment is a cost-effective way to ensure that your organization’s Microsoft 365 environment is secure, well-managed, and meets today’s cybersecurity requirements.

• Encrypt your files so that each file recognises who can open it and where.
• For example, files created by HR are automatically restricted for internal company use only – even if someone else gets hold of them, they cannot open them.
• Together, we’ll create a playbook and define the rules for protecting and classifying content.

Ensure that no external party can read your important messages.

Gain access to encryption for both messages and attachments.

Protect your cloud communications. The included tools detect malware in attachments and increasingly convincing phishing emails.

Defender for Office 365 is available in two licence versions. We help you make the most of your existing licence or upgrade to a version that includes these features.

We carry out the deployment with you and configure the correct settings and reports.