Microsoft 365 NetworkGuardian

Cloud based IT Infrastructure that exceeds information security compliance 
for mortgage companies


Secure your organization’s systems, users and data with a deep level of protection.

Microsoft 365 NetworkGuardian includes the Enterprise Suite of Office 365 along with additional security services powered by the Microsoft Azure Cloud. Our fully managed IT service package utilizes the latest cloud services and automation to provide modern technology for productivity and security. We specifically designed and configured our BankGrade package to check all the boxes when it comes to security compliance for mortgage companies. Mortgage companies with as few as one employee can now get the same enterprise level security as much larger financial institutions. Utilizing cloud services gives your workforce the ability to work from any location and with any device while meeting the strict security requirements required in the mortgage industry. 

With an efficient pay as you go model you only pay for the services you need that scale up and down each month with the size of your workforce. This cloud-based model replaces the need to manage servers in your office and will eliminate the need for traditional IT service providers. Your Microsoft tenancy remains portable, so you can transfer your platform directly to Microsoft or to another IT services provider and are not trapped in a long-term contract. Microsoft 365 NetworkGuardian provides a higher level of security and monitoring while savings thousands each year.  

ABT is a certified Microsoft Gold partner and cloud solutions provider that deploys Microsoft Azure services configured specifically for mortgage companies. We currently provide IT infrastructure in Microsoft Azure to over 900 mortgage companies nationwide. 

Compare with Other Providers >


Assess, design, and deploy:

To get started, ABT completes an assessment of your existing IT infrastructure and data. Then we design your cloud based network for compliance, security and productivity. We know change is difficult and the loan business never stops, but do not worry. We’ve deployed cloud-based IT infrastructure for over 1,500 mortgage companies, banks and credit unions. 

  • Professional Data migration services 
  • Automated Email Migration with no downtime 
  • No business downtime 
  • Live training  

Streamlined and friendly employee onboarding:  

With Windows Auto-Pilot and scripting automation new employee onboarding is quick and easy. Your new employee can count on a call from a professional ABT technician to answer questions, provide training and ensure they have access to everything they need to start work fast. We realize first impressions are important and good employees are hard to come by. 

  • Single sign on for the PC, email, desktop and mobile applications 
  • Software is pre-installed with no additional sign-ins required 
  • Authorized document folders are mapped to the PC for easy access 
  • Microsoft Teams enrollment based on role and department 


Secure and compliant employee offboarding:

ABT’s offboarding process ensures company data is safe and archived for compliance. Personal mobile devices are remotely wiped of company data and access is blocked to all company assets. Licensing is removed and the email account is converted to a free shared mailbox so designated employees can monitor incoming email.  

  • PC’s are wiped of company data and reformatted for the next user 
  • ABT updates the hardware inventory list and the employee termination date is logged in Active Directory 
  • You company data is safe even if the former employee doesn’t return their PC 


Chat and document hub with groups-based access permissions:

We create a centralized Intranet hub to store public documents, post company news and an outlet for leadership communications. We configure Microsoft Teams to create group chat, document storage and communications through video conferencing, internal phone calls and recording and transcription services. We map local folders for each employee for easy access to documents for editing, uploading and sharing. We configure Microsoft Teams and SharePoint sites to replace file servers, shared drives and box type services. Depending on your security needs these hubs are only accessible through company managed devices. Using our Mobile Application Management service employees can utilize their personal mobile device to access email, Teams and documents only when the device meets security policies. Company data on mobile devices can be removed at anytime by the company administrator. 


Hardware and software management:

Anti-virus software isn’t enough. With today's cyber threat landscape you need several layers of security to protect your data, your borrowers and your business. Employees are mobile and they may be using more than one device to get their work done. We use Microsoft Endpoint Manager to enforce policies that prevent unauthorized access to your network. While some companies let their employees login to Outlook, Teams and OneDrive from any device our security policies ensure employees only get access to company assets from professionally managed devices. 

  • Only designated PC’s can access email, documents and applications
  • Personal mobile devices get access to the network only after they enroll in Mobile Application Management.
  • Remotely wipe company data from company owned PC’s and employee owned mobile devices 
  • Windows updates and software patching managed remotely by ABT
  • Hardware inventory and software access tracking 

Learn More about Device Security Policies, Conditional Access Policies and Mobile Application Management in the cloud. 



Reporting, monitoring, and remediation:

Mortgage companies are under constant attack. Hackers know that many small to medium sized mortgage companies have little security and a wealth of valuable information. You can’t set it and forget it. You need a professional team that monitors network access logs, malware, phishing emails and social engineering attacks. 

  • Rapid Response Team for security incidents
  • Device compliance monitoring and remediation
  • Immediate phishing attack remediation
  • Weekly security and incident reports 


Professional support, administration, and training:

Keep your workforce happy and productive and let ABT manage your IT administration tasks. Let ABT support your employees with unlimited calls to the help desk for questions, training, and anything else they might need. Our support team is made up of seasoned professionals who talk to mortgage professionals all day. Whether they're working from home, on-the-go, or at the office we provide in-house ABT employees to fix problems fast.  

  • 24/7 Phone Support 
  • 1-hour response times 
  • Onboarding and offboarding 
  • New user accounts and password resets 
  • Microsoft, PointCentral and Encompass experts 


What’s included with NetworkGuardian BankGrade?

  • Premium Office 365 License
  • Desktop Support
  • Email Encryption
  • End User Training
  • 1 TB of Secure Document Storage for each person
  • Screen Sharing/Remote Access
  • Enterprise Chat/Video Conferencing
  • SharePoint Team Sites
  • TLS Server to Server Encryption
  • MFA
  • Data Loss Prevention
  • Expert Setup and Configuration
  • Azure Active Directory Premium
  • C.F.P.B Compliant
  • Info Sec Policy
  • Archiving
  • 50 GB Mailbox
  • Premium Desktop Apps
  • Premium Mobile Apps
  • Manage and Monitor PC’s
  • Manage and Monitor Mobile Devices
  • Azure Domain Join with firewall polices
  • Protect Apps on employee owned devices
  • Mobile Device Wipe
  • Remote PC Wipe
  • Monitoring and Real Time Reports
  • Information Protection
  • Advanced Spam Protection
  • Safe Attachments
  • Safe Links
  • Document Legal Hold
  • OneDrive for Business
  • Microsoft Teams


WhitePaper at >

Learn more about the services included with NetworkGuardian BankGrade:

Information Security Policy

Mortgage companies are required to have a written information security policy. Companies that subscribe to NetworkGuardian receive a 46-page Info-Sec policy. It includes an outline of your entire network infrastructure in the cloud. Each employee should sign a copy of your policy. Keeping your policies on file will contribute a successful information security Audit.

Azure Domain Join Devices

MWS powered by Windows 10, provides automatic and universal enforcement of security policies that will reduce your business’s risk of data breaches. By Azure Domain Joining Windows, IOS and Android devices administrators can enforce the following policies:

  • Device encryption to help prevent unauthorized access.
  • A six-digit PIN or password.
  • An inactivity timeout period.
  • Antivirus and malware protection, and signature updates via Windows Defender or Lookout for Work.
  • Auto-updates on Windows 10 devices that include the latest security updates.
  • Pushing VPN and wireless settings and certificates to your device.
  • Clear separation of business and personal data. Users or admins can selectively wipe corporate data from the device, while leaving personal data such as pictures, personal email accounts, and personal files untouched.


Policies that Intune enrollment doesn’t enable include:

  • Tracking or locating an employee’s device.
  • Access to personal data contained in SMS, text, videos, pictures, files, phone call logs, personal applications, or messaging services.
  • Access to the contents of personal or corporate email. If necessary, as part of the selective wipe process, corporate email accounts can be deleted by Intune to remove corporate email account settings and email messages from a device, but message content is not accessible via Intune.

Device retirement

  • A self-service portal gives people the ability to check their system health and to unenroll a device that no longer needs to be managed. For example, if a device has been lost or stolen, the user can either remove Intune management or ask us to do so. When a device is removed, corporate assets are automatically deleted. Devices can be completely or selectively wiped.
  • full wiperestores the device to its factory defaults. This removes all company and user data and settings. A full wipe can be performed on Windows Phone, iOS, and Android devices.
  • selective wiperemoves only company data. The specific data that a selective wipe removes and the effect on data that remains on the device vary by platform.

Monitoring and Real time Reports

  • Threat Protection Status (TPS) is single dashboard that provides information on malicious email that was detected and blocked so administrators can adjust policies such as turning up spam filtering. TPS also shows any email messages that had harmful attachments or URL’s that were blocked by the anti-malware engine.
  • Auto-Forwarded messages report will show you any email accounts that are automatically forwarding their emails to an external email account. It will show you the user that is forwarding, how many emails were forwarded and to which domain. This dashboard provides insight into any account that may be maliciously forwarding company emails to a 3rd


Data Loss Prevention

With Data Loss Prevention you can identify, monitor, and automatically protect sensitive information across Office 365. For example, if an employee tries to send an email containing a social security number or credit card number, they will be required to first encrypt the email.

Outlook Message Encryption

Employees can easily send encrypted email messages and encrypted attachments from Outlook.

Email Archiving and Retention

Email Archiving and Retention is a cloud-based, enterprise-class archiving solution that provides archiving, compliance, regulatory, and eDiscovery challenges. Emails will always be available to an administrator even if an employee deletes emails from their account.

Information Protection

Azure Information Protection protects sensitive emails and documents giving employees the ability to apply rules and conditions. For example, a document or email marked as sensitive cannot be opened or access by anyone outside of your company.

Advanced Threat Protection

Advanced Threat Protection safeguards your organization against malicious threats posed by email messages, links (URLs) and collaboration tools. ATP includes:

  • Sophisticated attachment scanning and AI-powered analysis to detect and discard dangerous messages.
  • Automatic checks of links in email to assess if they are part of a phishing scheme. This keeps you safe from accessing unsafe websites.