Email Security with Office 365

For a long time email has been the weapon of choice for hackers. They use it to spread malware and ransomware in many different ways like asking recipients to visit URLs or download an executable file.

In order to address this it is crucial for all Office 365 users to have the strongest security measures in place as is possible. The built-in features to provide cybersecurity that come with Office 365 do provide a measure of security but, as we will discuss, it is insufficient to properly protect you in the face of every evolving tactics employed by hackers. These features can conduct basic checks like finding recognized sources of malware and ransomware quite successfully. However they will still leave you vulnerable.

Another reason for Office 365 users to be concerned is the growing number of users on the platform, making it a much more attractive target for hackers. In 2018 it was reported that 3 millions users per month were subscribing to the service and the overall level of membership was 155 million.

One lapse by a member of staff could easily lead to cybercriminals obtaining access to valuable data on your network or even use one of the staff accounts to spread their viral downloads even further afield. Network managers should leave no stone unturned as they try to completely block their network from being infiltrated.

The free protection that comes in the box with Office 365 is really an entry level of cybersecurity known as Exchange Online Protection (EOP). EOP is excellent at detecting and blocking recognized malware attacks, however it comes up short when the issue is detecting and blocking spam attacks coming from unknown sources. This is due to the fact that it is so reliant on signature-based malware detection. Even though the static lists of known sources of spam attacks are updated as quickly as every 15 minutes. This may seem very strong but when you take a closer look at the figures there are approximately 350,000 new malware attacks being discovered on a daily basis so some are bound to get through the net every 15 minutes.

Along with this there are other question marks in relation to the effectiveness of EOP anti-spam measures, one paper suggested that almost one quarter of phishing emails are able to skip around EOP defenses. There is a further level of paid cybersecurity provided by Microsoft for Office 365 which is more effective. This is called Advanced Threat Protection (APT). However it has also been found to be inadequate and is, at best, a middle market solution.

It is important to identify a premium solution that can give you a 99% detection rate to ease the pressure on your Office 365 users as much as possible. A multi-layered solution is important and a cloud based solution is ideal as it is updated in real time.