Pyramid Builds O365 Security, Administration and Optimization Managed Services with CoreView Muscle
Pyramid Consulting Solutions, an Atlanta area solution provider with over $300 million in annual revenue, built an extensive and dynamic Office 365 practice with the help of CoreView. The solutions begin with advisory services, includes project work, and offers rich managed services. Here is an outline of the Pyramids solutions that CoreView helps drive.
Tech Assessment and Roadmap work includes:
- Comprehensive Assessment: Microsoft Platform, Licensing, Security & Migration Optimization
- Quality Assurance Optimization
- Information Security
- Microsoft Office 365 Licensing, Security, Productivity and Teams Adoption
- Software Licensing
- Cloud Cost Optimization
Pyramid’s project work includes:
- Mail Hygiene, Security and Compliance
- Threat Protection and Data Protection
- Migration from Skype to Teams
- Teams Usage and Adoption Rollouts
- Office 365 Training, Adoption and Campaign Programs
- Active Directory Health Check and Clean Up
Managed Services include:
- Office 365 Administration
- Teams Administration
- Adoption/Productivity Metrics
- CoreView Hybrid Admin and Support
Battening Down Office 365 Security Hatches
CoreView: There’s an interesting concept I saw Pyramid promotes — treating O365 as the security foundation and first line of defense against cyber-attacks. With Pyramid, the Microsoft Office 365 environment itself is a defense. So much of users’ identities are wrapped up in O365. It is such a vulnerability – but if you protect it, not only are you protecting Office 365, you’re protecting your whole IT infrastructure.
Mark: From my perspective, your identity and your documents are your IP (intellectual property). If O365 is where you’re storing it (identities), then you have to protect it adequately. Because that’s what runs your company. It’s where your processes and procedures stem from. That’s where all your financials might be. That’s where all of your plans are. If you’re protecting that, or if you’re not protecting that, that’s to your risk and detriment. That’s where it really, really begins.
CoreView: Experts say that 80% of confidential information in an enterprise is in Office documents. If you’re an O365 shop, that’s where the identities are created and held. It’s a Microsoft identity and if you can breach the identity you can get to the confidential information in those Office documents.
Mark: According to Microsoft, that’s your responsibility (identity protection). If protecting 80% of your corporate data or your secrets or your plans are up to you, and Microsoft says it’s up to you, then you better be partnered, or you better have a tool to report on it. You better be configured well. You really need to have a handle on it. Once you put all your data in the cloud, any misconfiguration or secrets are just there for anyone without a border. The importance of securing that, to make sure it’s reported on, is paramount. I see a lot of people moving to the cloud and not adding that extra layer of security or thought. They just think, “Well, I had my guy do all of it on-premises. Surely he’s going to do it in the cloud as well.” Well now he’s got two environments to manage, and he’s not properly trained. You either need tools to help you, or you need partners or both.
CoreView and Pyramid Partner on O365 Security
CoreView: How does Pyramid protect the O365 environment? What pieces does CoreView give you to protect those client environments? I’m thinking from an advisory services, project, and managed services basis.
Mark: It’s important not just to have a management or an administrator practice, but also an integrated security practice. With Pyramid, we have a security practice that covers your on-premises and your Microsoft 365 environment. One way that CoreView helps is the dashboards and the reports that look deeply into the environment — and can easily be scheduled.
We’re normally working with that guy who became an administrator in the cloud, and gets emails from Microsoft saying, “There’s something at risk”, but he doesn’t have a regular cadence or training. What we do is set up customers with the reports on a daily, weekly, monthly, semiannual basis. They get these important reports for security, document sharing, licensing, etc. These reports give them metrics so they can make smart decisions, and go look into things. It’s like giving someone chores. With cleaning your house, you don’t scrub the floorboards every day, you’re going to do it once a month, maybe.
Tracking and Thwarting Malicious Sign-Ins
CoreView: At CoreView, we find a lot of enterprises and service providers value our suspicious or impossible sign-in reports which often show there are people from China or Eastern Europe trying to log in, or possibly even successfully logging into your system.
Mark: Correct. With some clients, we’ve seen successful logins from Ethiopia and Nigeria. You’re like, “Why are people logging in from these countries?” Not unsuccessful, they’re successful. They’re doing stuff. Not one of these people had said, “Oh yeah, we’re are totally aware of that.”
Keeping Passwords Safe
CoreView: Tied to that, of course, is multifactor authentication (MFA) and knowing if passwords are complex and expiring. With CoreView, you can analyze your client’s environments and say, “Look, you’re vulnerable because you’ve got simple passwords. They’re not set to expire, so they’re not changing. And there’s no multifactor authentication.” Microsoft says, if you have MFA, you’re 99.9% protected versus not having it. The CoreView reports show where MFA and passwords need to be tightened up.
Mark: Absolutely. We’ve seen MFA drastically reduce those items where you go from 30 different locations down to just a few, very clearly with the MFA enabled. We’ve seen the proof of that in the actual working.
Rich: It’s one thing for Office 365 reports to say, “Hey, here’s something, there’s a file that I blocked on the way out, because you have malware in a file on a computer.” It’s another thing for someone to see that there’s a file that keeps trying to get out of the organization into other people’s mailboxes that’s got malware in it. It’s the third thing for that software to be hooked up to Microsoft Windows and just delete the file in an automated way in Microsoft 365.
Most organizations don’t even know of that possibility for automation. You don’t even need a person to do the task — just someone to setup the automation. If you’ll use the software and set up all the services correctly, you can actually reduce some of your expense of administrating these kinds of things. Because now Windows is part of Office 365. Which means I can do things on that computer. There’s all sorts of benefits. If you’re talking about a service desk, that’s something we’re going to turn on, so that we can give you a lower cost. We can also do a service desk as a service, for example.
Security and License Optimization
CoreView: Do you find that some of your newer clients don’t realize that they need Office 365 specific security? They think they’ve got defense in depth — firewalls and antivirus and whatever. But they don’t realize there are very specific vulnerabilities related to Office 365 that can open you up to confidential documents being available, and identities being hacked — including IT admin identities being hacked.
Rich: When people go from Exchange to Office 365, they think, “Oh, now it’s all going to be great. It’s all up to date. It’s all secure. I just need to add mailboxes and delete mailboxes as people come on board.” because Microsoft will take care of everything.
But we start assessing a company’s Active Directory and it can be a mess. We look at the logins, nobody’s alerted based on location of login to approve it. Maybe you bought Office 365 on the enterprise agreement. Well, a significant percentage of the time it saves money to switch to the month by month model especially if you have a seasonal business or decent percentage of contract employees. But, to get the savings someone in IT has to look at the bill every month and say, “What should we turn on? What should we turn off?” or setup automation the way Coreview supports.
The fact that you get it monthly doesn’t mean that you monitor it. How many bills do you have? Some people are still paying for their gym membership. Most people in the US probably will not be doing much their gym membership given the current pandemic. Half of my friends still have their gym membership thinking they’re going to go.
People do the same thing with their software. Like, “Look, Jim hasn’t downloaded Office in a year.” He ain’t going to download Office. He likes Google Apps or whatever his thing is. You’ve got two choices, enforce adoption on him, or accept it and just give him the E1, give him the Exchange online SKU.
A sales rep may have given a good deal E3 for all your employees, but many of your employees can be contractors. Contract firms have their own IT staff. We find it over and over and over again, optimization is a regular activity of IT and they need the tools to support it.
Forensics and the Importance of Auditing and Logs
CoreView: How important is CoreView’s forensics and auditing? CoreView keeps audit logs for a year or more. You talk about malware being spread throughout your organization. CoreView, you can actually see a person that is infected with malware, you can see everything that that person did. You can also see everything that an IT administrator did. An IT administrator goes bad because they’re not all great people. You can find out what they’re up to, if there’s some kind of a suspicion. How important is the auditing logs and the forensic capability?
Mark: Knowing that a zero-day attack is not a zero-day attack, but many attacks that happen over nine months is important. CoreView does give customers an extra set of tools to have that legacy auditing. Knowing they can go back in certain instances to look at what was changed and by whom. It does help if there’s a cloud issue.
If you think about somebody going back a year, if you know the administrator account’s just sitting there inactive, then you should be able to tell that, that should be turned off and de-provisioned. That it’s not just that consultant who was here nine months ago, and you forgot to de-provision that global administrator.
Pyramid’s Range of O365 Solutions
CoreView: It appears Pyramid has three different approaches to using CoreView as part of your Office 365-oriented business. There is project work, and two different levels of managed services. There are managed services where you do particular things for a client, such as license optimization and looking at security and so forth. Then you have another aspect where you will literally manage the entire O365 tenant. There you are really acting as the administrator, and doing this both domestically, and through a foreign subsidiary offering more of 24/7 style coverage.
Rich: We are using it for advisory services as well. It comes in with an advisory service. That initiates projects, Teams adoption, or whatever it is the client wants to do, such as license optimization. From there, we they get to see the full value of an optimization service. Whether that’s optimizing price or security.
CoreView: To drive the advisory services, are you running a CoreView Office 365 Health Check (which does a full analysis of the O365 tenant) to get a sense of the client’s state and needs? Is that one of the ways that CoreView comes in handy?
Rich: We don’t technically use the Health Check, but we do the same basic concept. We plug it in with an overall Microsoft Cloud assessment. We’re looking at all of the different elements of their cloud or potential cloud investments.
Extending the CoreView Office 365 Health Check
CoreView: So, you extend our O365 Health Check with a whole bunch of your own discovery and analysis and make it your own. What are the extra things that you do on top of some of the functionality the CoreView Health Check has?
Rich: The Health Check doesn’t tell you what it costs to fix the problems it sees. Essentially, think of us as the ones who tell you that you have these security issues, or licensing issues or adoption issues. Then we actually give you a price to fix and tell you what needs to be done so either you can do it or we can. We tell you exactly what we’re going to fix, and how much it’ll cost to fix it — leveraging the lowest cost resources for each issue. The Health Check tells you that you have a problem. People are looking for expertise alongside of that content.
Data Drives the Pyramid Project Roadmap
CoreView: What type of projects come out of the Pyramid assessment? Are there common areas everybody has issues with?
Mark: There’s two types of results you can give people. Out of the report, you get things that you can change within your environment to improve what you have under your current licensing. If you were to say ratchet up your licensing, because Microsoft loves to get you into an E5 license. But if you are going to add on higher level licenses, what would that capability give you in terms of a performance improvement with your Microsoft Office 365 Secure Score? How long does it take to get there?
Most of the low hanging fruit happens to be within your existing SKU, or O365 license level. A lot of people get to the cloud and they’re responsible for their identity and their documents, but they don’t know how to manage it or what configuration changes to make. We’re able to identify, “Here’s this change. It’ll help you get here. This is the amount of hours and the work effort you can do to get there.” The we can categorize it by, this is low user impact or high user impact, or this is low complexity or high complexity.
The ROI of Proper O365 Security and Management
CoreView: Pyramid talks about how much it costs to fix an issue. But more importantly, there are issues as to how much the client might save or what the ROI is based upon the types of things Pyramid can do with their Microsoft environment. It’s not just a cost, but benefits that far exceeds the cost.
Rich: Let’s say you’re the CIO of a company with 10,000 seats of exchange. That person can optimize the licensing, and reduce license costs. That money can be used to improve the security posture or improve the adoption of O365 services — not just purely saving some money.
Managed Services Benefits
CoreView: What are your clients telling you about your Office 365 managed services? What benefits are they telling you that they’re getting from the services?
Mark: They like someone having the expertise to come in and make those configuration changes when they need them. Instead of having one or two people on their staff, they have a whole team of people. You’re like, “Hey, we don’t understand this thing about EMS. Can you help us with EMS?” or helping them deploy MDM to their Windows 10 computers, because they don’t know how to do that. They could spend a ton of time and go train somebody. But when you have a larger team, it helps them out.
CoreView: We find that when an enterprise adopts Office 365, it’s a nightmare to use the Admin Center from Microsoft. Pyramid takes over those admin duties so the client doesn’t have to grapple with the Admin Center — you’re doing all the heavy lifting.
The client is getting the benefits of CoreView plus the benefits of your expertise and your services available more than eight hours a day. Because you’ve got help desks, not just in the United States, but internationally. It makes it almost like a plug and play. The client thinks, “I’ve got Office 365, but I don’t really have to worry about it, because Pyramid is taking care of it.”
Rich: You need that technical mind and you need to understand the products and you need training to be able to do any of this. But for the knowledgeable Office 365 admin, there’s a lot of things automated that are ordinarily manual. I think that would be the value proposition — the automation.
It’s the workflow.
Rich: Office 365 administration is complex, which is why we offer the managed service. If you have a thousand people, do you really want two Office 365 admins? Because, you can’t hire one — what happens if he leaves? Do you really want two? If you don’t, then you’re going to be better off with a managed service.
Interested in Partnering with CoreView?
Grow your Microsoft MSP or Reseller business by sharing the award-winning CoreView SaaS Management Platform with your customers. Learn more on our CoreView partner page.
Doug Barney was the founding editor of Redmond Magazine, Redmond Channel Partner, Redmond Developer News and Virtualization Review. Doug also served as Executive Editor of Network World, Editor in Chief of AmigaWorld, and Editor in Chief of Network Computing.