SaaS has become the default choice for productivity and collaboration apps. MSPs face challenges in delivering managed services for these environments in general, and security services for Microsoft 365 specifically, as a critical component of an organization’s cybersecurity strategy. The new Acronis Security Posture Management for Microsoft 365, part of Acronis Management, addresses these challenges by applying best practices to efficiently manage Microsoft 365 security posture and users across multiple clients.
Why MSPs need a solution for Microsoft 365 posture management
Challenges in service delivery and operations
Delivering Microsoft 365 management services without specialized solutions is nearly impossible for MSPs. Microsoft’s built-in functionalities are not designed with MSPs in mind and lack critical features such as multitenancy, making the management and monitoring of multiple clients a significant operational challenge. MSPs are forced to constantly switch between client Microsoft 365 accounts, leading to inefficiencies. Additionally, handling complex tasks like risk remediation and user offboarding requires skilled technicians, driving up the cost of Microsoft 365 management for MSPs.
The SaaS security posture management domain is also relatively immature, lacking clear best practices for defining and packaging Microsoft 365 security services. This creates difficulties for MSPs in establishing standardized services for master service agreements (MSAs), leading to ambiguous service scopes and unbillable hours.
Security efficacy and compliance issues
Relying on built-in Microsoft 365 risk detection models often results in undetected risks, especially in case of complex vulnerabilities. The challenges of regulatory and cyber insurance compliance across multiple tenants put considerable pressure on MSPs. Furthermore, the Secure Score metric in Microsoft 365 sets standards that can be hard to meet, leaving MSPs with “red” reports and limited ways to reassure clients about their security posture.
Why clients of MSPs need a third-party tool for Microsoft 365 security posture management
While Microsoft 365 offers foundational security features, many organizations find that these tools don’t fully address their security needs. Microsoft operates on a shared responsibility model, where it secures its infrastructure, but the responsibility for data protection, access control and configuration management falls on clients. This division of responsibility often leaves clients with gaps in their security posture, increasing their vulnerability to cyberthreats.
For most organizations, building and maintaining an internal cybersecurity team capable of managing Microsoft 365 security configurations is both costly and resource intensive. Security best practices, especially in complex environments, require specialized skills that many clients lack in house. Relying on built-in security measures can mean critical vulnerabilities go unnoticed, particularly in less advanced Microsoft 365 plans, where tools may not include the comprehensive threat detection or automation that larger organizations require.
Additionally, manual security management can be overwhelming for IT teams. Configuring user permissions, ensuring compliance and regularly auditing security settings all require time and precision. The reliance on manual processes increases the likelihood of human error, which can introduce new security risks rather than mitigate them. Moreover, limited automation often leads to delayed threat responses, leaving clients exposed for longer periods.
Introducing the solution: Acronis Security Posture Management for Microsoft 365
To address these needs and challenges for both MSPs and their clients, we introduce our new solution for Microsoft 365 security posture management. It is a part of Acronis Management and is natively integrated within the Acronis Cyber Protect Cloud platform.
What it does in a nutshell
Acronis Security Posture Management for Microsoft 365 enables MSPs of any cybersecurity expertise level to offer robust protection to multiple clients at the Microsoft 365 tenant level from a single console. The solution uncovers more security risks than traditional audit methods and boosts MSP technician efficiency by making complex security and user management tasks manageable for nonsenior technicians. This is achieved through streamlined integration of all necessary Microsoft 365 management controls in one interface, continuous monitoring of security baseline deviations, both automatic and manual remediation of security gaps and compliance assurance through regular audits and reports.
Integrated with Acronis Automation and third-party PSAs, it enhances technician performance, streamlines monitoring, incident response, service delivery and billing. Finally, it has a free version, making it essential for Microsoft 365 security posture management services.
Free features
Some features are free and available at no additional cost in the Acronis Cyber Protect Cloud standard product, with more paid features included in our RMM solution, Acronis Management.
Free features (available as part of the Acronis Cyber Protect Cloud standard product):
- Multitenant Microsoft 365 management: Manage all Microsoft 365 tenants across clients from a unified web console.
- Best practice baselines: Access a set of baselines, ready out of the box, that can be applied to one or several client tenants.
- On-demand security posture audits: Instantly scan tenants against best practices and perform security gap analysis.
- Alerts about baseline deviations (coming soon): Receive instant alerts on newly discovered threats and user changes.
- Detailed security reports (coming soon): Generate client-facing PDF reports with compliance summaries and service proofs.
- Microsoft 365 user onboarding: Automate user setup, including license assignment, admin roles, mailbox settings and more.
- Integration with Acronis and third-party PSAs: Natively integrates with Acronis Automation and third-party PSAs.
Paid features
The advanced (paid) features in Acronis Management include:
- Continuous monitoring: Automatically detect and track baseline deviations 24/7, removing the need for repeated audits.
- Automatic and manual remediation: Quickly address risks directly from the console with both automated and manual options.
- Microsoft 365 user offboarding: Simplify offboarding with features like session revocation, license removal, mailbox conversion and compliance with litigation holds.
Why Acronis security posture management is a game changer for MSPs
Acronis Security Posture Management for Microsoft 365 is a transformative solution that addresses core operational challenges while enhancing security efficacy, significantly elevating how MSPs deliver Microsoft 365 services:
- Standardize and package security services: With built-in best practices and structured templates, MSPs can define and package Microsoft 365 security services, simplifying inclusion in master service agreements (MSAs) and ensuring consistent service delivery across clients.
- Manage multiple clients from a single MSP console: Efficiently oversee multiple Microsoft 365 tenants and users without time-consuming switching between accounts, streamlining workflows and maximizing productivity.
- Gain immediate visibility into tenant risks: Onboarding scans help MSPs detect previously unseen vulnerabilities — on average, 8-9 per tenant — offering instant insights into each client’s security needs and allowing for proactive risk management.
- Optimize technician efficiency and resource allocation: By simplifying complex security tasks, Acronis enables less experienced technicians to handle responsibilities traditionally managed by the senior ones, like risk remediation and user management. This reduces costs and frees up higher-level resources for more strategic initiatives.
- Deliver reassuring “green” reports to clients: Client-facing reports with compliance summaries and trends address client concerns, especially when meeting Microsoft’s Secure Score benchmarks is challenging.
- Enhance service efficiency with automated protection: Continuous monitoring and automated risk remediation reduce the need for manual interventions, maintaining high security standards and improving technician productivity. By addressing vulnerabilities in real-time, MSPs can deliver reliable, always-on protection with minimal manual effort.
Deliver all-in-one, unbeatable protection for Microsoft 365
But that’s not all. What’s truly groundbreaking and game changing is that with Acronis, you can deliver a complete solution for protecting all aspects of clients’ Microsoft 365 environments. From a single console, MSPs can offer comprehensive protection:
How to get started
To try Acronis Security Posture Management for Microsoft 365, follow the instructions in our product documentation. If you’re new to Acronis Cyber Protect Cloud, start a free trial to experience the benefits firsthand.
Happy security posture management!
About Acronis
A Swiss company founded in Singapore in 2003, Acronis has 15 offices worldwide and employees in 50+ countries. Acronis Cyber Protect Cloud is available in 26 languages in 150 countries and is used by over 20,000 service providers to protect over 750,000 businesses.