Office 365 revolutionises how businesses operate, allowing employees to share information and workflows instantaneously through the cloud. Given the type of sensitive information stored on SharePoint, OneDrive and Exchange, it also makes the web service a high-value target for attackers.

Marathon’s Office 365 Security Assessment is a benchmark service which compares an organisation’s implementations of Office 365 with the National Cyber Security Centre’s (NCSC) Cloud Security Principles. The principles have been designed to help organisations ensure they follow best practise and do not introduce risks to their Cloud based Office 365 systems. The Principles include assessing a number of configurable Office 365 parameters and applying controls dependant on the risk. 

This service gives organisations confidence that their critical business tools are being controlled using best practice security principles. 

What's included?

The 14 NCSC principles are used as a benchmark and the assessment service analyses existing implementations or new designs, compared with the requirements of the Principles and reports on gaps and recommends where security improvements should be made.

What are the benefits?


Helps companies understand where the security responsibility for the various Office 365 components lie. Highlights actions to take to meet the minimum recommended controls for each security principle.



Benchmarked with National Cyber Security Centre (NCSC) security principles. Gives organisations confidence that their critical business tools are being controlled using best practise security guidance



Provides in-depth reporting on gaps identified across your O365 implementation along with actionable recommendations, for clarity and direction when making improvements to your security.





Why Marathon?

Marathon is a white label IT infrastructure and Security expert. We help our Distribution, SI and Reseller clients to drive more business through each of their customers. Building their capability to sustain and grow long term business.

Marathon are Cyber Essentials and Cyber Essentials Plus Certified Assessors, GDPR Practitioners, ISO 27001 (Information Security Management Systems) and ISO 22301 (Business Continuity Management Systems) Auditors.

Marathon’s Office 365 Security Assessment service provides clients with the visibility they need to underpin their Office 365 solutions with best of breed security.