Lock down Microsoft 365 without slowing down your business.
A focused review of Microsoft 365 and Entra ID security settings to reduce account takeover risk, email threats, oversharing, and administrative exposure.
Starting Price
USD $3,500 / CAD $4,500
Typical Timeline
5 to 10 business days
Engagement Snapshot
Best For
Businesses using Microsoft 365 that want to reduce account takeover, email, and data exposure risk
Primary Outcome
A practical Microsoft 365 security improvement plan
Standard Scope
One Microsoft 365 tenant, up to 3 stakeholder interviews
Key Exclusions
No hands-on configuration changes, email incident investigation, or Purview deployment
The Problem
Microsoft 365 tenants accumulate risk over time.
Microsoft 365 is often the center of business operations, but many tenants accumulate risky defaults, stale admin access, weak sharing controls, inconsistent MFA, and limited logging. Business email compromise and account takeover are among the most common ways attackers access small and midsized businesses. This review identifies the highest-risk gaps across your Microsoft 365 environment and provides a clear, practical path to improvement.
What You Get
Defined deliverables
- check_circle Microsoft 365 security findings report
- check_circle Entra ID and identity risk review
- check_circle MFA and conditional access recommendations
- check_circle Admin role and privilege review
- check_circle Email protection review
- check_circle Sharing and collaboration risk notes
- check_circle Prioritized implementation checklist
What Is Included
Standard scope
- check One Microsoft 365 tenant
- check Review of Entra ID, MFA, conditional access, admin roles, Exchange Online, SharePoint, OneDrive, Teams, and basic logging
- check Up to 3 stakeholder interviews
- check Up to 10 provided screenshots, exports, or configuration summaries
- check One final report and one findings presentation
What Is Not Included
Scope exclusions
- remove Hands-on configuration changes
- remove Full tenant migration
- remove Mailbox cleanup
- remove Email incident investigation
- remove Purview deployment
- remove Custom PowerShell automation unless separately scoped
- remove Ongoing administration
The Process
How this engagement works
Fit Call
We confirm the tenant size, admin access availability, and what the business most wants to address.
Scope Confirmation
Scope, access, deliverables, and assumptions are agreed upon before work begins.
Access and Information
Read-only access is provided or configuration exports are shared. Stakeholder interviews are completed.
Review
Settings, configurations, and policies are reviewed and findings are organized by risk and priority.
Findings Walkthrough
Report and checklist are delivered. Walkthrough call covers findings, priorities, and your questions.
Who This Is For
Built for Microsoft 365 businesses that want practical security improvement
This review is a strong fit for small and midsized businesses running Microsoft 365 that have not had a formal security review of their tenant. It is especially relevant for businesses that rely heavily on email for operations, handle sensitive customer data, or have grown their Microsoft 365 usage without a consistent security configuration process.
It also works well after a phishing attempt or account compromise event, when onboarding a new IT provider, when preparing for a compliance conversation, or when you want to confirm that your Microsoft 365 environment is configured to a reasonable security baseline.
Pricing note: Pricing shown is starting pricing for standard-scope engagements. Final pricing depends on environment size, number of systems, complexity, urgency, and any requested work outside the standard scope.
These starter engagements are intentionally scoped to produce useful outcomes without turning into open-ended consulting projects. If your environment is larger, more complex, or requires hands-on implementation, SullySoft can provide a separate estimate before any additional work begins.
Microsoft 365 Security Review
Starting at USD $3,500 / CAD $4,500 • 5 to 10 business days
Book a 30-minute fit call to confirm the scope and get started.
Book a 30-Minute Fit Call