Identity-first security — Entra · Defender · Purview
Identity is the perimeter now. We engineer Microsoft to hold it.
Identra configures Conditional Access, Defender XDR, Sentinel and Purview for organisations that already pay for E5 and never saw the controls switched on. No new vendors — your Microsoft estate, set to enforce least privilege and surface the attacks that inbox rules miss.
- Focus
- Microsoft 365 E3 / E5 · Entra Suite
- Engagements
- Fixed scope, fixed price
- Principle
- Verify explicitly · least privilege
01 — The gap
Owning the licences is not the same as being defended.
Most teams we meet have the right SKUs and the wrong configuration. The capability is already in the tenant — paid for, switched off, or half-applied:
- 01Conditional Access left in report-only — logged, never enforced.
- 02Defender licences assigned; alerts land in a queue nobody owns.
- 03Purview labels published; DLP policies still running in test mode.
We find these gaps, then close them — with the tenant you already have, not a migration you do not need.
Services
What we engineer
Identity & access
Risk-based Conditional Access that gates every sign-in on identity risk and device compliance — backed by access reviews and PIM so standing privilege stops quietly accumulating.
- Entra ID
- ID Protection
- Intune
- PIM
Threat detection & response
Defender XDR wired so endpoint, identity, email and cloud-app alerts correlate into one incident — then routed, triaged and answerable from a single queue in Sentinel.
- Defender XDR
- Sentinel
- KQL
Data governance & compliance
Purview sensitivity labels and DLP that actually block exfiltration instead of logging it, with audit and eDiscovery you can stand behind when someone asks for evidence.
- Purview
- DLP
- Audit
Method — five phases
A scoped sequence, not an open-ended retainer.
- 01
Assess
tenant + gap review
- 02
Design
policy architecture
- 03
Deploy
phased rollout
- 04
Enable
handover + runbooks
- 05
Operate
tune + review