Professional Documents
Culture Documents
Engagement and
Delivery Guide
Microsoft may have patents, patent applications, trademarks, copyrights, or other intellectual
property rights covering subject matter in this document. Except as expressly provided in any
written license agreement from Microsoft, our provision of this document does not give you any
license to these patents, trademarks, copyrights, or other intellectual property.
The descriptions of other companies’ products in this document, if any, are provided only as a
convenience to you. Any such references should not be considered an endorsement or support
by Microsoft. Microsoft cannot guarantee their accuracy, and the products may change over
time. Also, the descriptions are intended as brief highlights to aid understanding, rather than as
thorough coverage. For authoritative descriptions of these products, please consult their
respective manufacturers.
© 2019 Microsoft Corporation. All rights reserved. Any use or distribution of these materials
without express authorization of Microsoft Corp. is strictly prohibited.
Microsoft and Windows are either registered trademarks or trademarks of Microsoft Corporation
in the United States and/or other countries.
The names of actual companies and products mentioned herein may be the trademarks of their
respective owners.
About this Guide
This document will walk you through what’s necessary to deliver the Microsoft Security
Workshop successfully. The guidance provided is intended for all roles that will deliver this
experience, from Microsoft technical specialists to Microsoft partners.
Customer struggles
Inadequate budget
Inability to replace legacy systems and technologies
Inadequate in-house experience
Integration challenges
High volume of data and alerts to manage
Microsoft Partner
Please note, you can deliver the Security Workshop with a Threat Check assessment, or without
it. If you are planning to deliver the Security workshop with the Threat Check component, be
aware that there are critical advance steps to be completed before the Workshop Day.
The Threat Check engagement starts with an remote pre-engagement call of approximately one
hour, followed by on-site or remotely delivered meetings as per following suggested timeline:
On average, allow a one-week gap between the pre-engagement call and the date for which the
kickoff meetings are scheduled. The reason for this is the time that is needed to assure the
availability of customer stakeholders as described in the “Example Schedule” section of this
document.
Allow between a one and two-week gap between the initial meetings and the Workshop Day of
the engagement to allow tools used in the Threat Check engagement to discover security
threats to the customer’s organization. Two weeks is recommended for most organizations.
During this period, avoid including extensive holidays, vacations, etc. as some threats might be
exposed (observed) when customer’s users perform their usual activities at work (sign-in, open
emails, share data). For organizations, that don’t have very tight security policies, or where user
awareness of information security is not very high, allowing for a gap closer to one week is
acceptable, but you should agree to that on an exception basis.
Threat Check engagement, in this case, is delivered as part of Security Workshop engagement.
The results will be presented in the “Threat Check Results” on the Workshop Day as in the above
suggested timeline.
Pre-engagement call
Activity Description Outcome Customer Time
attendees
Asset: Please use the Customer Deck to explain the Security Workshop details, expectations,
timeline, and scope.
If the customer wants to do the Threat Check, download the Microsoft Threat Check Toolkit
within the delivery files at https://aka.ms/securityworkshopkit.
Microsoft Security
We’ll kick off the day by exploring today’s cybersecurity landscape: the challenges and the
opportunities to better protect ourselves against threats. We’ll introduce Microsoft’s security
vision as well as outline Microsoft’s unique approach to providing integrated security. This
approach offers broad protection while using the intelligence that comes from Microsoft’s
massive amounts of security-related signals and insights.
Objective: Deliver Microsoft Security pitch and hero demos
Duration: 1h
Discovery Session
During this session, you will walk your customer through an interactive activity to better
understand their strategic objectives, influences, and priorities. This activity will be crucial to
understand the solutions’ fit and will define the next steps.
Don’t forget:
• Discovery is the most important part of the workshop
• Customers love to talk about themselves
• It’s an opportunity for the customer to look at their program through a fresh lens
• Be engaged and a challenger, not just a note taker
• Utilize insights immediately throughout workshop delivery and overall sales motion
Objective: Learn about customer’s priorities, initiatives, and key influences on their security
strategy.
Duration: 2hs
Threat Check
Review the Threat Check report to understand better, prioritize, and mitigate potential vectors of
cyberattacks against your organization.
Objective: Showcase how Microsoft 365 security products can help customers mitigate and
protect against the threats found during the period of this engagement with real data
Duration: Pre-work: 2 days; Threat Check Results: 45 min
What you will need to deliver this session
See complete guide and documentation within the Microsoft Threat Check Toolkit.
Objective: Demonstrate key scenarios – both end-user and SecOps – that brings to life how
Microsoft solutions works
Duration: 2hs
This is an optional module if the audience requires deep technical content instead of the CIE.
Go deeper and have a whiteboard session with security experts. If your customer is expecting
deep technical content, please:
1. Engage CSG team, or
2. Request a Microsoft 365 Security Design Architecture Session from the MTC Catalog