Microsoft 365 — work, communication, security

Key capabilities

• SSO to cloud and on-premises applications (Enterprise Applications, SAML/OIDC/WS-Fed).
• MFA (including passkeys, Microsoft Authenticator) and Conditional Access with device state, location and risk awareness.
• Entra ID PIM: just-in-time privileged access, approvals, enforced MFA and full audit.
• Identity Protection: sign-in/user risk detection and automated remediation.
• External identities: B2B/External Identities (secure partner collaboration, invitation flows).
• Deep integration with Intune (device compliance), Defender XDR, M365 and Azure services.

Scenarios and benefits

• Hybrid work: access only from compliant devices (Intune) + CA policies (MFA, location, risk).
• Secure B2B collaboration: external partners with limited, supervised access.
• Least privilege: PIM for admins and application roles with audit and enforced MFA.
• Risk reduction: blocking risky sign-ins, enforcing password resets, session policies.

Best practices (Zero-Trust)

• Enable MFA for everyone and protect privileged accounts (PIM + CA + no standing roles).
• Conditional Access policies per application and risk level, with device control (Intune compliance).
• Use Identity Protection and alerts, automate remediation of risky activities.
• Regularly review access (Access Reviews) and limit permission inheritance.

Deployment scenarios

• Internal applications (forms, registers, workflows) with Power Apps.
• Process automation (approvals, integrations, RPA) in Power Automate.
• KPI dashboards and management reports in Power BI.
• B2B/B2C portals for customers and partners with Power Pages.
• Agents and chats on company data with Copilot Studio.

Key capabilities

• Professional email with a company domain, calendars, groups and resources (rooms, equipment).
• Shared mailboxes, aliases, forwarding, transport rules.
• Outlook (desktop, web and mobile), IMAP/POP/SMTP support (subject to policies).
• Online archiving, retention and eDiscovery — compliance with legal requirements.

Protection and compliance

• Built-in anti-spam/anti-phishing protection (Exchange Online Protection).
• Extended protection with Defender for Office 365 (Safe Links/Attachments, AIR in P2).
• Sensitivity labels, message encryption (OME), DLP and MTA‑STS/DMARC/SPF/DKIM.
• Easy auditing, reports and administrative alerts.

Key capabilities

• Team and communication sites, hub sites and easy page creation.
• Document libraries, versioning, approval workflows and metadata.
• Lists (tasks, requests, registers) and forms.
• Organisation-wide search and navigation.

Scenarios and benefits

• Intranet and internal communications (news, department pages).
• Project collaboration and knowledge repositories.
• Automations with Power Automate (document workflows, approvals).
• Access control and compliance (DLP, sensitivity labels).

Key capabilities

• Cross-device sync, Files On‑Demand and known folder move (KFM).
• File versioning and recovery after attacks (Ransomware detection & recovery).
• Secure link sharing with rights control and expiry dates.
• Seamless integration with Word/Excel/PowerPoint and Teams.

Scenarios and benefits

• Backup of key user folders and easy recovery.
• Real-time collaboration on documents.
• External sharing with DLP policies and sensitivity labels.
• IT visibility and audit (reports, alerts, activity).

Key capabilities

• Boards, buckets, labels, checklists and attachments.
• Assignments, priorities, deadlines and reminders.
• Progress views and simple reports.
• Integration with Teams, Outlook, To Do and Project for the web.

Scenarios and benefits

• Sprint planning, request handling, team boards.
• Employee onboarding and quality control checklists.
• Simple PMO — quick assignments and statuses.
• Automations with Power Automate (notifications, integrations).

Key capabilities

• Public booking page with custom branding, service categories and team availability.
• Automatic email/SMS confirmations and reminders, cancellation policies.
• Integration with Outlook and Teams (online meetings created automatically).
• Multiple calendars, roles and permissions, custom field forms.

Scenarios and benefits

• Sales and consultations: clients self-select a time slot, less back-and-forth correspondence.
• Support and service: booking queues, limits and time windows, reports.
• Training and recruitment: online sign-ups, automatic Teams links.
• Link in employee email signature → quick one-click meeting scheduling.

Key capabilities

• Components (tables, lists, tasks) working synchronously across multiple applications.
• Loop pages and spaces for team collaboration.
• M365 integrations (Outlook, Teams, OneNote) and M365 security.
• Tasks and checklists synchronised with Planner/To Do.

Scenarios and benefits

• Brainstorming, meeting notes, kickoff documents.
• Content reviews and rapid material iterations.
• Cross‑team collaboration without copy‑paste.
• Up-to-date data in all places simultaneously.

Key capabilities

• Online meetings, webinars, chat and channels (standard/shared).
• Recordings and transcripts stored in OneDrive/SharePoint.
• Apps and bots, integrations with Power Platform and hundreds of services.
• Teams Phone (optional): telephony, call queuing, IVR and local numbers.

Security and management

• Meeting, recording and guest policies; application management.
• Sensitivity labels, DLP, eDiscovery and archiving.
• Call quality insights, alerts and reports for IT.
• Compliance with industry standards (depending on plan).

Key capabilities

• Consistent intranet and communication in Teams (Viva Connections, Amplify).
• Engagement and communities (Viva Engage, announcements, campaigns).
• Learning in the flow of work (Viva Learning) with company and partner content.
• Data-driven wellbeing and productivity (Viva Insights).

Scenarios and benefits

• Onboarding and leadership communication to the entire organisation.
• Skills development and learning paths with completion tracking.
• Goal setting and tracking (Viva Goals), mood pulses (Viva Pulse).
• Better organisational culture and talent retention.

Key capabilities

• Ransomware attack disruption and encryption blocking.
• AI engine (Security Copilot), automated investigation and response (AIR).
• Attack surface reduction: ASR, firewall, device control, conditional access.
• EDR, vulnerability management and threat intelligence.

Key capabilities

• Device enrolment and management (Windows Autopilot, Apple ADE/DEP, Android Enterprise).
• Configuration and security policies (BitLocker/FileVault, Firewall, Wi-Fi/VPN, certificates).
• Application management (Win32/MSIX, Microsoft Store, VPP, Managed Google Play) and updates.
• Compliance + Conditional Access (block access when device does not meet requirements).
• Data protection: App Protection Policies (MAM) for M365 apps — including BYOD.
• Reports, inventory, remote actions (wipe, lock, reset passcode, sync).

Scenarios and benefits

• Secure remote work — access only from policy-compliant devices.
• Fast workstation deployments (Autopilot) and reduced Helpdesk workload.
• Consistent configuration and lower risk of security incidents.