Office 365 Protection

Microsoft Office 365 is the most widely adopted software-as-a-service (SaaS) platform. With so many businesses using Office 365 it is a big target for cybercriminals, so it is important to get Office 365 protection right.

Microsoft’s FY20 results revealed there are now 200 million active users of Office 365 each month and the number of new users is increasing at a rate of around 3 million a month. Office 365 is a suite of productivity enhancing products that includes email. If cybercriminals can gain access to Office 365 credentials, they will be able to access huge quantities of sensitive data that can be sold on the black market. Office 365 email accounts can also be used for business email compromise scams and for conducting spear phishing attacks on suppliers, contacts, and customers. Office 365 credentials are in high demand and attacks on business Office 365 environments are rife.

What Office 365 Protection Does Microsoft Offer?

Microsoft offers customers two levels of Office 365 protection, the first level, Exchange Online Protection (EOP), is included in the license cost for all users. Exchange Online Protection for Office 365 provides a basic level of protection against spam, phishing emails, and malware. This level of protection will reduce the threats that are delivered to inboxes, but this level of Office 365 protection will not be sufficient for most businesses. While EOP is effective at blocking spam and known malware threats, it is far less effective at blocking phishing emails and zero-day malware threats – new malware variants that have not previously been seen. Malware is constantly being redeveloped to fool anti-virus engines and new variants are now regularly being released.

The second tier of protection is Microsoft’s Advanced Threat Protection (APT) offering. APT includes more advanced threat detection capabilities and incorporates features such as Office 365 ATP Safe Attachments, Office 365 ATP Safe Links, and Office 365 ATP Spoof Intelligence. APT is included with E5 subscriptions, but for other customers it is offered as an add-on security service for an additional cost.

Office 365 ATP Safe Attachments checks email attachments and uses threat intelligence to determine if the attachments are malicious. Office 365 ATP Safe Links provides time-of-click protection against malicious hyperlinks in emails and Office documents. If hyperlinks direct a user to a downloadable file, that file will also be checked to determine if it is malicious. Office 365 ATP Spoof Intelligence provides protection against email impersonation attacks. These Office 365 protection mechanisms and other advanced features are only available with APT.

While the level of protection provided by Microsoft through EOP and APT will block many threats, the level of protection provided may not be enough for many SMBs and enterprises. The independent security software testing company SE Labs conducted tests on Office 365 protection provided by EOP and APT and found that even with APT in place, protection from phishing and malware was only at the low to mid-market level. One study by Avanan, conducted in 2019, saw 25% of phishing emails delivered to Office 365 inboxes. Only 75% of phishing messages were blocked. For this reason, many businesses prefer to implement a third-party email security solution on top of EOP to ensure more malicious messages are blocked.

Improving Microsoft Office 365 Malware Protection

Microsoft Office 365 malware protection is too basic for many organizations. It is effective at blocking known malware threats but is not as good as many third-party Office 365 malware protection solutions. Microsoft has its strengths and its business productivity solutions and operating systems are excellent, but when it comes to security, there is a lot to be said for choosing an email security solution provided by a well-established cybersecurity vendor that lives and breathes security.

Businesses concerned about email security for Office 365 consider augmenting Microsoft’s email security defenses with a more powerful third-party email security solution that includes more advanced malware machine learning capabilities to detect zero-day phishing and malware threats.

There are several third-party email security solutions for Office 365 that will provide far greater protection from the full range of email threats. Serious consideration should be given to those solutions to protect against Office 365 account compromises and costly data breaches.