Active Directory Syncs not happening

One of the most important things that the Network Detective Microsoft Cloud Assessment module can report on is whether or not Active Directory syncs are happening.

For example, is your configuration set up with the on-premise Active Directory controller sync turned on? When you run this assessment, it checks to see when the last time the sync has happened. If the sync hasn’t happened in the last 15 days, that means your on-premise Active Directory controller is not being synced properly with Microsoft Cloud. Since that’s your primary controller, a lot of data can get out of sync between both the on-premise and the Cloud environment, causing issue. Network Detective will not only catch that issue, but it will also highlight that issue in several reports.

Documenting special applications

It’s one thing to keep track of the basic Microsoft 365 applications and services in the Microsoft Cloud based on the type of situation that you have. But . . .

• How do you document the special applications that you install on the cloud platform?
• Do you even have the web URLs to those applications?
• Who are the organizational contacts and what subscribed SKUs do they have?
• What level of subscriptions are they signed up for?

Awareness of what the special applications are, and being able to have strict controls over them, will lead to increased security.

Keeping an eye on outside users

Because you are dealing with the cloud, you could easily have people who are outside of your client’s organization that play a role in the Azure AD environments. These could be outside users. It could actually be outside businesses. It could be distribution lists that go outside of the organization as well. Network Detective reveals all this information, documents proxy addresses and reports on what service plans you are using from the Microsoft Cloud environment.

Understanding all the relationships

Microsoft Cloud users, and the groups they create, play a huge role in both Azure Active Directory (AD), Microsoft 365, and also the Microsoft Cloud as a whole.

To truly understand the structure of your Azure platform, you really need to see it all organized in the neat sections included in the Azure AD Detail report.

You will see how AD Groups are actually kind of the basis for Teams in Microsoft Teams, and since they are made up of users, they are also the basis for the entire permission system. That’s why you need to know each individual cloud user entity, and what product(s) they are licensed for, and which devices they are registered for in the organization’s Azure AD environment.

Network Detective shows you the entire nesting structure without having to click in and out and around the Azure AD admin tool hunting for the relationships.

Having all this information, organized, and at your fingertips, is essential for:

• A new technician who’s trying to get a handle on the Microsoft Cloud environment
• A Cloud administrator who is trying to hunt down a misconfiguration that’s causing problems
• An MSP who needs to scope a proposal for a prospective new client
• Documenting the Azure environment to identify cleanup activities, user and group cleanups.

Keeping “Tabs” on Teams

Ever noticed the “Tabs” inside of Teams?

They’re are not just base entries that serve for organizational purposes, but also are indicators of what applications are in use within those Teams.

The tabs themselves could actually contain certain types of applications, such as OneNote notebooks. They can contain custom apps that are being used by the individual Teams. Network Detective helps you understand and assess how the Microsoft Teams environment is actually set up.

Controlling “bloat” and file proliferation

One of the biggest problems with the Microsoft Cloud is how easily uncontrolled growth can happen in Teams and Groups. As an IT professional, you want to control the sprawl and you also want to understand what is happening, both from a business point of view and also from a risk point of view.

Network Detective lets you see if your SharePoint application is being abused from a file space and performance perspective. Performing a regular SharePoint assessment, and getting rid of sites that you aren’t using, not only minimizes your digital footprint, you also reduce the amount of threat surface that you have. The report also goes through the Microsoft Secure Score and controls that are specific to SharePoint, helping you take care of the problems with misconfiguration that are very common amongst SharePoint sites.

Without controls and monitoring, users can create Teams with inappropriate names and content without the knowledge of the organization’s management team. A passive approach to this situation could lead to HR issues and financial liability.

The Microsoft Cloud Assessment module makes it easy for to run the full Microsoft Cloud assessment report set prior to regular client review meetings. Show your customers the real value of your service by providing them with an in-depth, full assessment report of their Microsoft 365 and Azure environment

Creating a New Cloud Security Offering

Network Detective helps you use the Microsoft Secure Score to serve as a reference point for both improvement of IT, and as a way to offer an extra managed. To deliver this service, all you need are the reports generated by the Microsoft Cloud Assessment Module, which includes the Microsoft Cloud

Secure Score, the Network Detective Cloud risk score, the controls, and the issues.

To deliver the service, run the reports monthly. Share them with your client, agree with your client which parts of the Cloud infrastructure you want to improve by the next monthly report. Each month you work on the most important things, tackle the issues that are having the biggest impact, and show the score improving over time.

Depending on the client’s budget and appetite for Microsoft Cloud resource utilization efficiency, performance, and security, your service could go beyond just the control scores and the historical analysis, to include an alert analysis as well. This involves compiling the basic alerts from all the different components of Microsoft Cloud under one view. With Network Detective you are able to quickly scan all the alerts that have happened making it easy to do a routine audit of the environment on a periodic basis for your clients.