Skip to content

Microsoft 365 tooling vs. implementation: why proper setup is more important than owning a tool

Secure At Work
By Kenneth van Surksum |

In recent years, the number of tools for automated Microsoft 365 management has exploded. From solutions such as CoreView Configuration Manager, Inforcer, SuperVision, Ydentic and Nerdio to emerging platforms such as Overe, Augmentt, Zerotouch and CloudCapsule – the market offers ample choice for both MSPs and enterprise IT departments. These tools promise standardization, security by design and huge time savings. Yet an important insight is often underplayed: the power of tooling only really comes into its own with a well-thought-out implementation.

Tooling offers opportunities, but implementation determines success

Many of the platforms mentioned offer extensive capabilities:

  • Multi-tenant management and monitoring (such as Inforcer, Nerdio, SuperVision)
  • Baseline configurations based on CIS/NIST best practices (such as CoreView, Augmentt, Overe)
  • Drift detection and automatic recovery actions (such as CoreView, Overe)
  • Real-time device management (Zerotouch)
  • Security audits and reporting (CloudCapsule, Overe)

In addition, many tools have templates, golden masters or policy libraries that can be used to quickly deploy a baseline. But there is also a risk here: applying such a template to an existing environment all at once can lead to disruptions. Historical settings, exceptions or licensing restrictions may conflict with the baseline. This requires careful adoption, planning and communication.

Templates are a starting point, not an end point

While virtually all tools offer standard templates, the reality is that organizations often cannot migrate to a standard configuration all at once. There are differences by customer, by industry, by license level. Moreover, it is important that all exceptions are documented and traceable – something that tools like SuperVision and Ydentic explicitly support. Applying a baseline should therefore always be phased and substantiated. Consider prior audits (such as via CloudCapsule or Overe), a pilot tenant, or phased enforcement (report -> alert -> enforce).

The platform is alive: set-and-forget is no longer an option

Many security risks arise not from lack of tooling, but from outdated configurations. Microsoft 365 is constantly evolving – what is secure today may be obsolete tomorrow. Think new defaults, additional Conditional Access options, or new threat signals. Those who think they only need to set up a configuration once and then be rid of it are quickly falling behind the times.

Therefore, it is essential that organizations invest in a management model in which continuous improvement is embedded. Tools like CoreView and Inforcer offer support in this through integration with DevOps, for example, automatic policy updates and monitoring. But again, it is up to the user to actually utilize these features.

Build it yourself or use tooling? Think beyond technology

Organizations (MSPs or end customers) have roughly three options:

  1. Build your own tooling (e.g. with PowerShell, Graph API, DevOps pipelines)
  2. Deploy free/open-source tooling (such as CIPP or hardening scripts)
  3. Using commercial platforms (as mentioned above)

While self-build offers maximum flexibility, it also requires a lot:

  • Knowledge of Microsoft 365 APIs and changes
  • Maintenance of scripts and logging
  • Securing functionality during personnel changes

Therefore, it is important to consciously weigh up: does your organization want the time, capacity and responsibility to build and maintain a stable platform itself? Or do you use tooling where many lessons learned are already built in, including support, backing and roadmap?

The added value of Secure At Work

At Secure At Work, we strongly believe in combining standardization, flexibility and continuous optimization. For more than three years we have been helping MSPs and enterprise customers with:

  • A proven baseline for Microsoft 365, aligned with best practices
  • Continuous development based on community, vendor and own experiences
  • Support in the implementation of tools and design of change processes
  • Visual reports and documentation that substantiate compliance

Our approach enables organizations to make Microsoft 365 not only secure and manageable, but also future-proof.


Conclusion: a tool is only as good as the implementation behind it. Templates are valuable, but only effective if applied consciously and carefully. And automation is powerful, provided it is embedded in a strategy of continuous improvement. Invest in vision, not just software – and leverage tooling as an accelerator, not an end in itself.

Recommended Blogs

Secure At Work

Zero Trust is a must! And now what?

By Kenneth van Surksum |
Read more >
Secure At Work

Standardization and Professionalization of Managed Services

By Kenneth van Surksum |
Read more >