Skip to main content
Modern 42 Logo
All case studies
Financial Services06

Comprehensive Entra Security Review and Ongoing Partnership with a Global Financial Services Group

A global financial services group operating across multiple international markets engaged Modern 42 for an independent security review of its Microsoft Entra environment. What began as a focused assessment has since evolved into a strategic, ongoing partnership.

Industry

Financial Services

Sector

Global Banking, Asset Management, Wealth Management

Engagement Type

Strategic Advisory, Architecture and Design, Engineering

Technologies

Microsoft Entra ID, M365, Conditional Access, Azure AD Connect

Frameworks

ASD Essential Eight, APRA CPS 234, NIST Cybersecurity Framework

Financial ServicesSecurity AssessmentEntra IDConditional AccessM365 SecurityAuthentication UpliftBlended TeamExternal Partner Channel

The Situation

This organisation, a major global financial services group, required an independent and detailed security review of its Azure Active Directory (now Microsoft Entra ID) environment. The assessment needed to cover platform-level configurations, application security, access controls and synchronisation settings. Additionally, previous findings in their on-premises Active Directory required validation and remediation.

What We Did

Security Assessment

Modern 42 conducted a comprehensive security assessment of the Entra environment, evaluating platform-level security configuration, application configuration, Role Based Access Control (RBAC), Conditional Access policies, activity logging and monitoring, MFA configuration, AAD Sync configuration, guest account usage, and Graph API usage. We also validated and remediated previous Active Directory findings that had been captured in the organisation's risk register.

Conditional Access Framework

Following the assessment, we remediated Conditional Access policies and documented a CA Policy Framework for the organisation. We continue to provide ongoing support to the BAU team in maturing and implementing this framework.

M365 Security Assessment

We were subsequently engaged to deliver an M365 Security Assessment covering Office 365, Exchange Online, SharePoint Online, OneDrive for Business, Teams and M365 Defender. This report provided detailed findings and tailored recommendations for each platform.

Ongoing Partnership

The engagement has evolved into a strategic partnership, with Modern 42 resources now embedded in the organisation's Authentication project and Directory Services BAU team as a blended team. We are also leading the Blueprint, technical design and Proof of Concept for the External Partner Channel project.

The Outcome

Modern 42 delivered a detailed findings report with actionable recommendations, each with a proposed response priority, enabling the organisation to focus remediation efforts where they would have the greatest impact. The initial assessment engagement has grown into a deep, ongoing partnership. Modern 42 continues to provide Entra Engineers and Architects supporting both project and BAU activities across the organisation.

Key Wins

  • Delivered independent security assessments across both Entra ID and the full M365 suite
  • Designed and documented a Conditional Access Policy Framework now in active use
  • Remediated Active Directory findings from the organisation's risk register
  • Evolved from a single assessment into an ongoing blended team partnership
  • Leading the design and Proof of Concept for a new External Partner Channel capability
  • Embedded engineers and architects supporting both project delivery and BAU operations

Ready to move forward? Pick your path.

Whether you need a quick conversation, a structured assessment, or hands-on engineering — we’ve got an engagement that fits.

Start a conversation

30 minutes. No commitment. Let’s understand your environment and discuss where identity security can add the most value.

Book a call

Get an assessment

Identity maturity assessment, gap analysis, or architecture review. Walk away with a clear picture and a prioritised roadmap.

Explore advisory

Engage our engineers

PAM migration, identity modernisation, CIAM build, or platform uplift. Our specialist engineers deliver what your team needs.

Explore engineering

We use cookies

We use cookies and similar technologies to help personalise content, measure the performance of our site, and provide a better experience. By clicking Accept, you consent to the use of all cookies.
Learn more.