Performed a read-only Microsoft 365 security assessment for an 11-user UK logistics company, uncovering two Critical findings: MFA disabled on Global Administrator accounts and an active email forwarding rule on the Finance Manager's mailbox consistent with Business Email Compromise. Delivered a clear priority action plan, all remediable within 72 hours using tools already included in the client's existing M365 licence along with SharePoint sharing controls and Conditional Access policy configuration to close legacy authentication gaps.