Classics for All is a UK charity dedicated to widening access to classical subjects in schools. Through partnerships with educators, funders, and community programmes, the organisation supports training, curriculum development, and outreach to ensure young people of all backgrounds can benefit from studying Latin, Greek, and classical civilisation. Their work relies on secure, reliable digital tools to manage communications, coordinate programmes, and protect sensitive organisational data.
As Classics for All continued to grow, so did the need for a stronger security framework across their Microsoft 365 environment. The organisation required improvements in its Secure Score and the implementation of Conditional Access to reduce risk from unauthorised access, phishing attempts, and malware. They needed protection not only for user accounts but also for email, data sharing, and access across different devices.
The challenge included establishing tighter control over sign‑ins, enforcing consistent security policies, and introducing modern protection features without disrupting daily operations. Strengthening email security, improving threat detection, controlling data sharing, and aligning system behaviour with best practice were key priorities. All work needed to be completed in a way that supported users and enhanced overall confidence in the organisation’s digital security posture.
We delivered a comprehensive set of security improvements designed to strengthen protection across the entire Microsoft 365 environment. Conditional Access policies were configured and enforced to control sign‑in behaviour, verify user identity more securely, and prevent unauthorised access. We enabled the Defender Standard Policy to provide advanced protection against malicious content and to ensure that email traffic benefited from continuous monitoring and threat analysis.
Email safeguards were significantly enhanced by updating the Anti‑Phish, Anti‑Malware, and Anti‑Spam policies, helping to reduce exposure to scams, malicious attachments, and harmful links. A new Quarantine Policy was created, and global settings were updated to give the organisation better oversight of suspicious or harmful messages.
We improved data governance by updating user consent settings, enabling data sensitivity labels, and applying company branding for added clarity and trust. Additional protections were introduced to limit unnecessary risk, including disabling user‑installed Outlook add‑ins and preventing external calendar sharing. To support secure access on personal devices, we implemented BYOD app protection, ensuring organisational data remained controlled even when accessed outside managed hardware.
Classics for All now benefits from a far more secure, controlled, and resilient Microsoft 365 environment. Staff access is safer and more consistent, with Conditional Access ensuring only trusted users and devices can sign in. Enhanced email filtering dramatically reduces exposure to phishing and malware, while the new quarantine processes improve visibility and threat management.
Data is better protected through clearly implemented sensitivity labels and app‑level controls on personal devices. Administrative workload has reduced thanks to improved global policies and centralised security settings. With Outlook add‑in restrictions and controlled calendar sharing, users now work in an environment that prioritises security without adding unnecessary complexity.
The improved Secure Score reflects a robust and modern security posture, giving the organisation confidence that its digital workspace is well‑protected and aligned with recommended standards. These upgrades provide a solid foundation for continued growth and safe collaboration across teams and partners.
- Conditional Access configured and enforced
- Defender Standard Policy enabled
- Anti‑Phish, Anti‑Malware, and Anti‑Spam policies updated
- Quarantine Policy created and global settings improved
- Data sensitivity labels implemented
- Company branding applied for clarity
- Outlook add‑ins installation disabled
- External calendar sharing disabled
- BYOD app protection established
