Secure and Protect Microsoft 365/Azure

Learn how to protect your business and customer information from attacks

No one wants to be hacked, and No single security solution will solve your problems

It is a delicate balance between the security controls we need that enable productivity but do not compromise the organization. At Covenant, we see this problem every day. Fundamentally, we recommend you simplify your approach to complex security challenges by using native security capabilities that are built into your platform, devices, and productivity tools rather than products from different manufacturers that do not integrate.


Microsoft Assessment

It is essential for every business to understand what technologies they do and do not have to protect their customers, employees, and reputation. The best way to understand all these moving parts is with a technology assessment.

One of Covenant’s senior architects will perform a thorough inspection of your existing systems. We look at licensing, configuration, security settings, and licensed products. This Assessment can be extended to your technology infrastructure to obtain a more holistic picture of your entire environment.

In the final report (sample provided), we provide a list of recommended changes and give a technical walkthrough to one or two of your technical staff, so they understand the findings in the report and where changes could/should be implemented. In the end, you receive real and actionable information that will better secure your employees, devices, and data.

A full Assessment typically takes 1-3 weeks to complete


Based on the Assessment, your 365 licensing, and business requirements, Covenant starts the multi-phased Fortify processes by ensuring core 365/Azure security settings are in place. We then shift focus to better secure the identities, devices, and data you are responsible for.

Phase 1 – Non-user impacting changes. The primary focus is on Defender or email and endpoints.

Phase 2 – Implementing security changes that users will more readily see and interact with. Examples are self-service password reset, MFA, conditional access, and email forwarding policies

Phase 3 – Data protection, such as AIP, Sensitivity Labels, and Data Loss Prevention. These areas of security require business use case analysis and time with key business leaders.

The Fortify service can be provided without or integrated with an Assessment. It normally takes 3-8 weeks to fully implement all three phases.


After the Fortify process is complete, Covenant, working with key members of your team on a monthly or quarterly basis, watches over the setting changes that have been implemented, monitors logs and user activity. The goal is to make sure the changes made are working as intended, to listen to the feedback your IT staff has received from users, and make adjustments as needed.

Also, as Microsoft changes the 365 security products your company is licensed for, we inform you have changes that will/may impact your environment and provided recommendations as needed


As regulations to protect individual privacy and financial information grow, most businesses are required by law to comply with some form of information protection regulation.

Covenant works with your business leaders, technology team, and auditors to ensure your business has the appropriate documentation, training programs, technology protections, and auditing required to meet the regulatory requirements identified for your business. Covenant provides the Comply service in both on-demand and as an ongoing service.

Ask us for a Sample Assessment Report