Just curious how much you would charge to setup a Domain & Office 365 tenant from scratch?

thecomputerguy said:
Do you have a recommendation for a tenant management tool? I need to find a better way of doing what I'm doing because I am in and out of different tenants all day long logging in incognito....
Click to expand...
So....first thing I'll mention...."What I want a tenant management tool for".

*Create templates of security settings...and quickly apply those templates to clients tenants. These templates are for different settings, such as...Defender policies for threat management (spam/phishing/malware/etc). Templates for MFA for all. Templates for different kinds of MFA. I have a template that covers a whole bunch of little individual settings....to bring up the overall score and security posture of the tenant. I have a template to kick in the token theft prevention and other risky activities that only Entra ID P2 licensing brings. And I'm grooming these templates to be "stackable". For clients on a lower plan..just apply this handful of templates. For clients on a better security plan..also toss this template on. For clients that have Entra ID 2 licensing...also toss this template on.

What is nice about this...create a 365 tenant....depending on your licensing you start at say a security score of 35. Now...go to this management tool....apply the templates you want. Come back a few days later...and the security score it at 80. Go in and dial a few more specific settings manually..can kick it up more. But I saved a LOT of time here...A LOT.

What's nice is..this also avoids "drift". As new features are added...you can tweak the templates...and it ripples down into the clients tenants. Touch once...impact many!

*My next need... I can eyeball my clients 365 tenants in this tool....and see their status (security score, alerts, etc). So I know which clients tenant may need some loving if its score is low.

*Next need I had..."Alerting". Or better yet..."automated remediation". What I wanted...was a way to have alerts sent to our helpdesk...if someones account had a log in of say..."out of their geo area". I know you can do that with the built in poor mans SIEM in 365, it's cumbersome, limited, and.... I still prefer a centralized dashboard of a tool specifically designed to do this for MSPs and manage many different 365 tenants. And..something that can automate it for certain clients, example...a login happens from overseas, within the blink of an eye the tool will disconnect all user sessions, reset the password on the account, open a ticket in our helpdesk.

*Many tools also allow granular day to day work across many tenants. Some are limited. Some do pretty well at it. To be honest, I still prefer going into each clients 365 tenant via Chrome incognito window...because I often do things that NO centralized tool will do, because it's so specific, and...things like my "retire a user account" are so very granular and thorough and unique to each client...no generic tool can do it. I'm in and out so quick...it's not an inconvenience to use an incognito window. And I am in and out of many different tenants each and every day.

Quick review...
Microsoft 365 Lighthouse. FREE It's been out for a few years, it has matured..."a little bit"...it still has a "lot of cooking to do in the oven". Can do some security baseline. But...not very granular. However...any MSP should still at least have this tool connected. It can also manage GDAP for you.
learn.microsoft.com

Overview of Microsoft 365 Lighthouse - Microsoft 365 Lighthouse

For Managed Service Providers (MSPs), learn how Microsoft 365 Lighthouse can help you secure and manage customer tenants in one location.
learn.microsoft.com
Has very basic tenant management.
Piggy back to your Microsoft Partner links

CIPP Cyberdrain Improved Partner Portal
cipp.app

CyberDrain Improved Partner Portal

Discover the ease of Microsoft 365 management with CIPP, the open-source solution tailored for MSPs seeking expertise and efficiency
cipp.app cipp.app
Has a free version you can install and host yourself on your own equipment or virtual server.
Has a low priced ($99/mo) version you can have hosted by them, with some ticket based support.
VERY complex
VERY granular
I signed up with it a few months ago. Barely have the time to fiddle with it, but I did use it to deploy all new GDAP relationships with our ~200 365 tenants. So it was worth the cost right there. No commitment to the monthly either. Does have a lot of templates you can use, and pre canned routines for say...retiring a user. Also has a lot of growth due to MSP input, they listen. One thing I saw it does, you can take a 365 tenant..."groom it" to your standards...put all those little intricate settings in...and then export that..and save it as template to apply to other tenants.
So good for tenant management
Good for templates
I don't believe they have remediation or alerts in there...yet.
Pulls in through your Microsoft Partner links

SaaS Alerts
saasalerts.com

SaaS Security Platform | SaaS Alerts - SaaS Alerts

Protect and monetize your customers’ SaaS applications, with real-time alerting and auto remediation for Managed Service Providers (MSPs).
saasalerts.com saasalerts.com
I've used this for the past...almost a year.
It started out as an automated alerting/remediation system. They also added "templates" for best practice settings.
I like this tool.
It can really narrow down the geo area of your client...not just conti United States...but you can enter your clients office ISPs primary gateway on the internet, and it can reference the geographically closest Microsoft datacenter also. Also works with Google, also protects other SaaS programs like Intuit, DUO, many RMMs, etc.
One thing that is neat, it integrates with many RMMs...so it can "pull in" user devices, and reference them to the 365 user accounts. It can now "trust" that device...so if say, a client takes their laptop to Thailand..and logs in from over there...the system will see that login from Thailand...but..also see that it logged in from the clients laptop...and trust it. Pretty cool for clients that travel a lot.
I like this tool. A little pricey to start...you have an initial buy in...have to start with at least 500 mailboxes. So if you only have a few clients..it'll be steep. I did negotiate hard..and got my price down pretty good..but only did a 1 year lease in case I didn't like it.

BUT...I am worried...because this past winter, K-Mart...I mean....Kaseya..bought them. So I've been looking at other tools, as I anticipate a huge price hike once my contract is up.

Directly bolts into each clients 365 tenant uniquely as an enterprise app, not through your partner links.

SkyKick Manager for 365, and add-on...Security Manager for 365.
www.connectwise.com

Microsoft 365 security management for MSPs | ConnectWise

Microsoft 365 security management for MSPs.
www.connectwise.com www.connectwise.com
I tried this a couple of years ago, for 1 year. A big promo Pax8 had. Per User price. Sorta complicated. A 365 manager...had an add-on for security templates. We did test drive it right when Microsoft started their "Gotta use GDAP links from now on"....and this tool made it wicked..wicked easy, as it reached out into your clients 365 tenants through your Microsoft Partner link. Tech support was...slow and not helpful. Their user forums were a ghost town. I cancelled after the first year. Since bought up by ConnectWise.

Octiga

Microsoft Office 365 Security Monitoring | Vulnerability Management

Microsoft Office 365 security vulnerability management solution for MSPs. Monitor & fix risky clients. No PowerShell needed.
www.octiga.io www.octiga.io
I did look at this...sat through 2x demos. Very slick. Was locking down tenants, and alerting you. Did not have any automatic remediation yet...and across 9 months..the main sales guy (the guy who started it) said it was nearly out...and 9 months later...still said it was nearly out. But I decided to not do it because...during that 2nd demo I sat through, his 2nd in charge guy....fell asleep (work from home Teams or Zoom meeting)....and started snoring during the presentation. Unmuted. The main guy should have fired him! Not a good look! I figured...if they don't have good standards...I want nothing of this tool.

MSP Easy Tools

Saas M365 Multi-Tenant Management for MSPs | Monitor, Alert & Fix

Effortlessly manage M365 with SaaS tools for MSPs: real-time monitoring and security, rapid alerts, speedy fixes, compliance assurance, all-in-one affordable solution.
www.mspeasytools.com www.mspeasytools.com
I tried a brief demo of this about 3 years ago. Wasn't terribly impressed.

Augmentt
www.augmentt.com

M365 Cybersecurity and Management Platform for MSPs

Augmentt's platform gives MSPs visibility into SaaS apps and M365, enabling audits, protection, and threat detection for end users.
www.augmentt.com www.augmentt.com
I plan on looking at this. Esp since PAX8 added it

Inforcer
www.inforcer.com

inforcer | Standardize 365 policies across multiple tenants

Standardize Microsoft 365 security policies across multiple tenants with ease using inforcer. Gain visibility, upsell security offerings, increase compliance and reduce risk. Book a demo now!
www.inforcer.com www.inforcer.com
I plan on looking at this

Inside Agent
insideagent365.com

Inside Agent 365 | Microsoft 365 Automated Security for MSPs

Inside Agent 365: Automating Microsoft 365 security for MSPs. Simplify tenant management and enhance security effortlessly.
insideagent365.com insideagent365.com
I do want to look at this...soon. Heard good things about it, learned about it from chatting from someone I met on this board here...haven't seen him here in a long time though. Anyways...a big You Tube MSP master of Microsoft 365...Jonathan Edwards...uses this tool and has good things to say about it.

Others...
Simeon
www.simeoncloud.com

Tenant Configuration from Simeon Cloud

Automate, audit, backup, and restore M365 configurations to adhere to security and compliance baselines.
www.simeoncloud.com www.simeoncloud.com

365Sentri

365sentri

365 Tenant Management and Administration
365sentri.com 365sentri.com
I will look at this too...

...can't remember more at the moment....
 
@thecomputerguy

I've abandoned Google entirely, other than search, and the occasional poking at their AI.

Firefox is my daily personal browser, it's also what I use for research.

Edge is my daily business browser, it's got all my MS stuff welded into it, and handles the things that are SSO'd to my Entra identity. It's "chrome" of a sort, and has the app feature, which I use for many of the SSO enabled applications.

Between the two browsers, and Firefox's containers I've got everything I need to spread out, and keep my world organized and moving. And none of it is inundated with ads.

I've looked at Brave and LibreWolf, I just haven't felt the need to really move to them. But I may add Brave to the list just to piss off Google and their Youtube ad engine.
 
Sky-Knight said:
I've looked at Brave
Click to expand...

Then definitely have a look at Vivaldi. I used to use Brave as my daily driver, but found that some of its privacy-preserving features were just a tad over-aggressive, particularly in regard to online banking and the like.

I'd personally not go back to Brave (though I still do recommend it) because Vivaldi does all the privacy protection and ad-blocking but at a "level" I like. I also like its UI better.
 
You must log in or register to reply here.
Back
Top