How to make the most out of the Microsoft licensing to secure your environment

Companies all over the world are upgrading licensing for their Office 365 tenants for a variety of reasons. Some companies might upgrade because of cost savings, others might do it to gain a particular capability that will meet a specific use case that they need to cover, and others may not even know exactly what drove them to upgrade. One of the best reasons to look at upgrading is to begin layering the new capabilities that come in the M365 E3 and E5 licensing that help to augment or introduce security centric solutions to provide additional security, control, and visibility into the environment.

No matter the reason, the challenge with moving to the Microsoft E5 licensing, and to a lesser extent the Microsoft E3 licensing, is being able to deploy the solutions included within M365 in a manner that makes sense, does not overwhelm staff, or disrupts business processes.

In this multi-part blog, we will help walk through the best ways to take on those challenges and be successful in implementing your M365 licensing while increasing your ability to secure the environment. Over the next few months, we will cover:

1. How to start (This session)
2. Tackling Identity
3. Dealing with Data Protection and Visibility
4. Managing the Endpoints
5. Deploying Defender solutions
6. Extending security across SaaS Applications

Part 1 – How to start

Too many companies fail to successfully deploy M365 licensing because they try to tackle everything at once. It can easily become overwhelming and frustrating  when all of the pieces become disjointed. This frustration can lead to no one piece of the M365 solution sever being fully or successfully deployed. At Spyglass, we take the programmatic approach of taking the implementation one step at a time, and everything will hinge on the first step. So, what is the first step? Planning and Design!

Why is the first step of planning and design so important? The answer is simple; to successfully deploy any of the components of the M365 licensing, we must know the answers to the following questions:

• What are we looking to achieve from each product we are considering?
• What are the use cases that we want to solve for or meet with the deployment?
• Who is going to be affected and how will they be affected?
• How are people using the base Office 365 services today?
• What are my sharing requirements?
• How do I handle people that have access to my information but are not employees of the company?
• How to I manage access to my applications and devices?
• Do I have specific regulatory or compliance standards that I must meet?
• Do I have any deadlines that I need to meet in the deployments?
• What solutions do I have in play today that can integrate with or be replaced by the M365 solutions?

As we start to answer those questions, we begin to get a clear picture of how things may be configured, what order they should be deployed in, and how we are going to start communicating out to administrators, employees, customers, partners, and management around the deployment.

As we build the clear picture of what the end state will look like, decisions around the how, what, and when will fall into place. This is also the time when we look at what other solutions may already be in place within the environment and how the M365 licensing can augment those solutions to make a better together story and if necessary, replace the solutions.

Lastly, this is also the phase of the project when it is critical to not only look at what is new but what has already been deployed, too. We need to determine if things like the following are already configured to be in line with the end goals and if not, what needs to be done to get them in line:

• Exchange
• EOP
• SharePoint
• OneDrive
• Teams
• Microsoft 365 Groups
• Yammer
• Power BI/Platform
• Azure AD
• Hybrid connections
• DR/BC
• Visibility and Reporting

This list is not exhaustive and because of the innovation that is being done by Microsoft, it is ever changing. The agile deployment cycle Microsoft uses also means that the target is not static, but ever changing and evolving. This means that baselines and foundations for the core Office 365 solutions need to be be evaluated on at least a yearly basis. Office 365 is not a “Set it and Forget it” solution. It is one that will grow, change, and can be configured to continually meet business and security needs.

Securing and configuring the foundation of Office 365 is critical because even if the additional M365 licensed solutions are deployed well, if the foundation that they are built on is not configured solidly, the overall state has not dramatically improved. Building the M365 solutions on top of a cracked or crumbling foundation will lead to a failure through out the environment. All of the pieces (Microsoft 365 and any 3^rd party solutions present) need to be working together to allow users to be both productive and secure with little to no user impact and certainly no impact to being able to conduct necessary business.

As we stated, this is just the first step. In Part 2, we will tackle what is often the most critical component of any deployment and certainly of securing Office 365…Identity. Stay tuned for part 2 of 6 coming out soon!

We are here to help and if you would like to have a conversation about this at any time, please contact us.