Microsoft 365 Action Plan


4 Key Practices to Secure Your Remote Workforce on Office 365

85% of Companies Breached

According to the software company Egress, 85% of organizations using Microsoft 365 have experienced an email data breach.

Learn the 4 things you must do to protect your organization now.



What has changed?

3 Words: Work from Home

Increased Number of Devices
Workers are taking company devices home and sometimes even using their own. This means an increase in the potential number of devices hackers can target for valuable company data.
Home Network Vulnerability
Because most home networks and devices are less secure, cyber threats have proliferated.
Increased Use of Conferencing Tools
Hackers are also exploiting the increased use of online conferencing tools like Zoom, Google Hangouts, Microsoft Team, and Slack.
Increased Phishing Activity
And finally, there is increased phishing activity exploiting COVID-19 panic – with employees clicking on promises of critical news and updates related to the pandemic.

“I am very impressed with the playbook Tech Heads has developed around securing Microsoft 365. I have not seen another VAR take such a thorough approach.”


Security Architect at Microsoft


Isn't Microsoft 365 securely configured by default?
No. Microsoft states that out of the box, newer tenants have the Security Defaults enabled that implement some but not all necessary and best-practice capabilities. They advise that these are a great start but shouldn't be the only configurations organizations should use. Organization-specific security controls and procedures should augment all out of the box configuration.
Doesn't Microsoft 365 provide data backups?
No. Apart from Sharepoint Online, Microsoft does not perform Office 365 backups. This is insufficient to protect your organization's data in the case of accidental or intentional deletion, or to quickly restore after a security incident.
We already get security alerts from Microsoft 365. Why do we need THInc. 365?
You may be receiving alerts from Microsoft 365, but who is receiving, analyzing, investigating and addressing each alert? While the vast majority of alerts will not indicate a security event, ALL alerts must be thoroughly addressed to protect against the small minority that do indicate a serious security event. In addition to monitoring, THInc. 365 also provides up-to-date security configurations and data backup.

Don’t leave your organization exposed after a massive shift to remote work. Download the Action Plan today!




We are the trusted IT partner of Portland’s smartest midsize companies.

25+Years’ Experience in IT

We have a track record of incredible results and loyal relationships.

How can we help your business?
Tech Heads is a full-service IT consultancy offering expertise in all areas of digital transformation from Cloud to Networking to Datacenter design. We also offer a suite of proprietary Managed Security services based on the framework of the CIS 20 Controls to help alleviate the cost of complexity of cybersecurity operations. And finally, we partner with the best vendors in the industry to procure cutting edge IT solutions.
What sets Tech Heads apart?
Working toward customer success drives everything we do.

We started as a consultancy and continue to employ a deep bench of technical experts.

For some IT consultancies security is an afterthought, something to be added on. But at Tech Heads cybersecurity is integrated into every solution we provide.

Our 25+ year history of longstanding relationships with our customers and employees gives us stability in an ever-changing industry.
What is the best place to start?
If you are in the market for a trusted IT partner, or even just in the market for a solution to a very specific technical issue, we would love to sit down and talk. Give us a call. We can perform an assessment of your entire IT strategy and environment to identify areas for improvement, or perform an assessment of just one component to troubleshoot the issue of the day. Reach out today at 503-639-8542.