Challenge
Cyber insurance questionnaire highlighted gaps in MFA, email filtering and perimeter documentation.
Approach
- Reviewed Microsoft 365 sign-in logs and enforced conditional access baselines.
- Tuned anti-phishing, SPF/DKIM/DMARC and safe-links policies.
- Cleaned firewall rules and documented VPN access for hybrid workers.
- Provided evidence pack for insurer and internal compliance lead.
Outcomes
- MFA enforced for all staff and administrators.
- Phishing simulation click rate reduced at 90-day review.
- Firewall and Wi-Fi diagrams updated for audits.
