This repository documents a practical Microsoft 365 security baseline aligned with Cyber Essentials and enterprise best practices. It demonstrates a structured, security-aware approach to identity, email, endpoint and audit configuration within a Microsoft 365 environment.
The purpose of this project is to provide clear technical evidence of how Microsoft 365 can be secured in a controlled, auditable and user-focused manner, suitable for public-sector and regulated environments.
The objectives of this security baseline are to:
- Reduce the risk of unauthorised access and account compromise
- Protect users from common email-based threats
- Improve endpoint security and malware protection
- Ensure accountability through audit logging and governance
- Support Cyber Essentials readiness and audit preparation
All configurations are documented using lab environments and best-practice guidance. No production data, credentials or tenant identifiers are included.
- Administrative role management and least-privilege access
- Multi-Factor Authentication (MFA) for users and administrators
- Conditional Access policy design and risk-based access control

📁 identity-access/

- Anti-phishing controls and impersonation protection
- Secure mail flow and external forwarding restrictions
- Controls to reduce business email compromise and data leakage

📁 email-security/

- Endpoint protection principles using Microsoft Defender
- Malware protection and device security awareness
- Integration of endpoint health with access controls

📁 endpoint-security/

- Unified audit logging principles
- Administrative activity tracking
- Support for incident investigation and compliance audits

📁 audit-logging/

- Guidance on secure evidence collection
- Audit-ready documentation principles
- Redaction and data protection awareness

📁 evidence/

This baseline supports Cyber Essentials requirements across the following areas:
- Secure configuration
- Access control
- Malware protection
- Patch and update awareness
- Auditability and accountability
The repository focuses on practical controls rather than theoretical security models.
This project is intended for:
- Employers and interview panels
- IT Technical Services and Application Support teams
- Microsoft 365 and cloud administrators
- Security-aware IT professionals
- Public-sector and healthcare organisations
- All content is documentation-based and representative
- No production systems or real organisational data are referenced
- Screenshots, where applicable, are redacted
- The project focuses on secure, repeatable and auditable practices

Hyginus Obi
IT Technical Services & Microsoft 365 Security
MSc Applied Cybersecurity
Portfolio and supporting documentation available on request.