Improving Security with Microsoft 365 Security Services for Higher Ed

A network of community colleges on the West Coast is focused on providing students with the resources they need to be successful, including high-quality and secure IT services throughout the college system. The network needed assistance improving the security posture of the colleges in their purview.

Leveraging government funding, they acquired Microsoft 365 A5 licenses and engaged Oxford Computer Group (OCG) for an initial pilot of four schools, consisting of a digital estate health assessment, application rationalization, and the configuration of Microsoft Entra ID single sign-on and deployment of Microsoft 365 Security Services.

Challenge

Of the colleges in the network, there are proactive and less proactive schools when it comes to cybersecurity. Some schools were starting nearly from scratch, with very few cybersecurity measures in place, and others had more mature programs.

With the purchase of Microsoft 365 A5 licenses, the schools in the network have access to advanced security, analytics, and management capabilities. But with the schools all over the map in terms of readiness, they needed guidance to get to a more secure, cloud-based state.

Solution

This project began with a digital estate health assessment. Then, OCG conducted application rationalization to determine which applications are being used within the school network. This process allowed OCG to identify low-hanging fruit for improving security. We’ll also configure Microsoft Entra ID single sign-on and deploy Microsoft 365 Security Services.

After the discovery process completed, OCG conducted pilots at four colleges who were all at different points on their cloud and security journey. These four pilots informed the creation of three playbooks, each of which lay out an implementation path for individual colleges based on the school’s starting point and size. The playbooks enable cloud-based, modern cybersecurity while leveraging the school network’s A5 investment.

The Microsoft security workloads included in this project include:

Microsoft Entra ID
Identity Governance,
Group management
Access reviews
Microsoft 365 Security Services
Defender for Identity
Defender for Cloud Apps
…and more

The playbooks OCG created guide schools on their journey to a more secure and streamlined state. For less proactive schools, OCG created a playbook for moving identities to the cloud and adopting Microsoft Entra ID and security workloads. This will eventually allow each school to more rapidly onboard SaaS solutions into their security strategy, and to eventually migrate on-premises apps to Azure cloud hosted apps.

Benefits and Outcomes

The playbooks lay out a roadmap for moving identities to the cloud and adopting Microsoft Entra ID and security workloads. Schools will be able to more rapidly onboard SaaS solutions into their security strategy and to migrate on-premises apps to the cloud.

Based on the success of the pilots, the program expanded statewide. OCG provided immediate baseline security implementation for multiple districts and the playbooks helped guide districts on their journey to a more secure, cloud-based state.

Key Learnings and Next Steps

This project and the playbooks OCG created helped schools implement and use the capabilities included in their Microsoft 365 A5 licenses, improving their security posture, streamlining identity management, and preparing for a cloud-first future.

As a trusted advisor, OCG is helping the education network build their strategic plan for a more secure, cloud-based state. This includes removing reliance on ADFS and Shibboleth.