Securing M365 to meet Cyber Security Standards

Our mission is to assist Irish businesses in safeguarding their cloud infrastructure by utilising the robust features and capabilities of Microsoft 365 (M365). To achieve this, we follow the Public Sector Cybersecurity Baseline Standards for Government ICT services framework recommended by the Irish Government and the National Cyber Security Centre (NCSC).

As part of our commitment to excellence, we utilise the latest Secure Configuration Framework for Office 365 guidance published jointly by the NCSC and Microsoft in 2023. These guidelines serve as a reliable reference point for implementing security controls that ensure the best security practices are being used by public entities and organisations connected to the public services in Ireland.

Unlock the Power of M365 Security

Microsoft 365 (formerly known as Office 365) is a powerful cloud-based solution that provides businesses with a comprehensive suite of tools to increase productivity and collaboration while ensuring the highest levels of security. It is designed to be flexible and customisable to meet the unique needs of each business, regardless of size or industry.

However, as with any cloud-based solution, security should be a top priority. With the increasing number of cyber threats and data breaches, it is crucial that businesses in Ireland take a proactive approach to security. This is where our M365 Security Assessment comes in.

Strengthen Your Cloud Security with a Microsoft 365 Security Assessment

Our assessment is designed to help businesses evaluate their current security posture and identify potential vulnerabilities in their Microsoft 365 environment. We provide a detailed report that outlines our findings and provides actionable recommendations to help businesses strengthen their security. Our assessment aligns with the NCSC Framework, which provides a comprehensive set of guidelines for businesses to follow when implementing security measures. By following these guidelines and leveraging the capabilities of M365, businesses can significantly reduce their risk of a cyber attack or data breach.

M365 Security Assessment PROCESS

Our Microsoft 365 Security Assessment service is designed to help businesses in Ireland improve their security posture by evaluating their current environment and providing actionable recommendations to strengthen their security. Our assessment process consists of three steps:


We begin by conducting a pre-assessment to understand the business’s unique needs and goals. We gather information about the business’s Microsoft 365 environment, security policies, and any potential vulnerabilities. This helps us tailor our assessment to meet the specific needs of the business.


We conduct in-depth workshops to evaluate the business’s Microsoft 365 environment and security policies. We analyze the business’s security settings, user access controls, and overall security posture to identify any potential vulnerabilities. We also review the business’s compliance with the Irish Government’s National Cyber Security Centre Framework (NCSC).


Once our assessment is complete, we provide the business with a detailed report outlining our findings and actionable recommendations to improve their security posture. We also provide guidance on how to implement the recommended changes and offer ongoing support to ensure the business is maintaining a strong security posture.

M365 Security Features

Some of the key features and capabilities of Microsoft 365 that can help businesses improve their security posture include:

  • Multi-factor authentication: Microsoft 365 offers various options for multi-factor authentication, which adds an extra layer of security to user accounts.
  • Data Loss Prevention (DLP): Microsoft 365 includes DLP capabilities that can help businesses prevent sensitive data from being shared or leaked.
  • Advanced Threat Protection (ATP): ATP helps protect against advanced threats such as malware, phishing, and ransomware.
  • Security Compliance Center: The Security Compliance Center provides businesses with a centralised location to manage security and compliance policies.
Book a Demo
Microsoft security for cloud apps

Post Assessment / Migration Path to NCSC Compliance

CommSec is dedicated to helping customers implement the findings of the Microsoft M365 security assessment to start them on their journey to NCSC compliance. We do this in two stages:

  1. Fundamental Baseline Security: We understand the importance of fundamental baseline security measures and can help customers implement key controls such as multi-factor authentication (MFA), password reset policies, conditional access policies, managing and securing devices, and implementing advanced email protection and web filtering.
  2. Advanced Security Optimization Services: which include Azure Active Directory management, Identity protection and privileged identity management, advanced endpoint protection, data loss prevention (DLP), labelling of data assets, and digital forensics.

We hold the highest Microsoft security certifications, making them highly skilled and knowledgeable about the latest security trends and technologies. This expertise allows us to provide the highest level of service and support to our customers, ensuring they receive the most effective and up-to-date security solutions.

Watch the webinar

CommSec’s Colm Gallagher and Ian Shiel analyse the new Public Sector Cyber Security Baseline Standards document and give their recommendations for implementation.

get in touch


A member of our team will get back to you as soon as possible. They will find a suitable time to speak with you, answer any questions you have and help find the perfect solution to suit your requirements.