EasyLife 365 is a Microsoft 365 Certified app!
That's right, after various months of closely working with Microsoft and their partners, we are happy to announce that EasyLife 365 has been certified by the Microsoft 365 App Compliance Program.
What is the goal of the Microsoft 365 App Compliance Program?
The mission statement sums it up nicely: give Microsoft customers a way to completely trust the applications that run their organizations.
What did we have to do to achieve this certification?
So, Microsoft claims you can trust apps with the Microsoft 365 Certified label. But should you? The final decision is, of course, yours to take. Allow me to walk you through the past six months, and maybe you will get a better picture.
The process really started at the end of last year when we began looking into ISO certifications for our company and products. We started formalizing and documenting every single process a startup would just do without thinking twice about it.
I'm not only talking about onboarding new users and offboarding leavers. We documented every application and service we use, moved services that support it to Azure AD-based SSO, and forced MFA on all others. We ensured all our devices are Azure AD-joined, use Defender for Endpoint, and that users can only log in to our systems using compliant devices.
Azure Front Door secures the EasyLife apps, and we log all sorts of events to Application Insights. We use Microsoft Sentinel to help us sift through all those signals, and alert rules ensure we get notified as soon as something out of the ordinary occurs. Even in our small team, we have dedicated SecOps roles and require additional controls for accessing app infrastructure. We have documentation at the ready for when (not if) a security incident happens.
As soon as we learned about the App Compliance Program and its requirements, we realized that it could be seen very much like an ISO certification by our customers. We put all of the above (and more) into writing and submitted it for review to Microsoft. We conducted various meetings and endured a penetration test for the EasyLife app, cockpit, and API. And so, at the end of June, everything came back green, and we got our certification.
Wait, so you're saying Microsoft assessed everything and found absolutely nothing? I am glad you asked! The assessment identified two items classified as medium and one classified as low. We put all three findings straight into our backlog, and our devs are busy improving all three areas.
More information about what was tested: Application Information for EasyLife 365 by EasyLife 365 AG - Microsoft 365 App Certification | Microsoft Docs
Finally, out of all the apps in AppSource, only 59 are Microsoft 365 Certified at the time of writing.
We are happy and proud to have achieved this certification for EasyLife 365! Ultimately it should be a no-brainer for you, our valued customers and partners, to choose EasyLife.
What else is brewing?
We are making progress with the implementation of approvals for EasyLife, which is currently in preview.
Apart from that, some of our dev efforts are going towards a new product with the code name EasyTime. I am looking forward to sharing more information about that here soon!
As always, thanks for reading. Please don't hesitate to hit that button in the top right corner if you want to see EasyLife in action.