When Microsoft 365 was first launched in 2011, it wasn’t immediately clear that it would be the major success that it has turned out to be. While the popularity (and ubiquity) of M365 was not to underestimated, at the time there remained concerns about the viability of a cloud-based version, with people concerned about the security and uptime with cloud software.
As of Microsoft's most recent Shareholders' meeting, M365 has reached over 63 million subscribers. Misperceptions about general levels of cloud security have abated, and Microsoft has made commendable efforts to keep M365 safer and more secure, yet it still remains a major target for cyber criminals and hackers are becoming more sophisticated and targeted in their approach. That’s why it makes it more surprising that many organizations feel that the security within M365 is sufficient. It really isn’t--even with multiple tiers of security features, M365's email security capabilities can miss certain data security requirements that customers may have.
In fact, a research report issued by Egress in 2021 found a prevalence of outbound data loss with 85% of organizations using M365 having an outbound email data breach. So to augment your security architecture, it requires an additional layer and Fortra Advanced Email Security solutions are the perfect complementary security solution for M365.
Hackers & M365
M365 requires that additional layer because once an attacker gets into one M365 account, they can then potentially use that to access other accounts and do far more damage. That’s why hackers have really upped their game when targeting M365, these are just some of the ways in which they do so:
- More realistic phishing campaigns - M365 phishing scams are becoming much more realistic, whether that’s using a pretend live chat feature, mimicking a meeting request from a colleague or a non-delivery email that asks the user to resend. Clicking on the link in such communication will take the user to a phishing site that looks like an M365 page.
- New ways of using malware – hackers can now include malware in images and documents, and when sent to a user from what may look like a legitimate email address, can inject that malware even during a preview. M365 does not check the source of a document before previews, nor does it have anti-steganography tools which can leave significant security holes for organizations.
- Bypassing M365 security – sometimes hackers will find a way around the M365 security completely.
Clearswift Secure Email Gateway + M365
Deploying the Clearswift Secure Email Gateway (SEG) alongside M365 however, can address all the above attacks and more, without compromising any of the features that make M365 such a popular business tool.
The enhanced Adaptive Data Loss Prevention (A-DLP) defences within Clearswift SEG mean that it can offer more comprehensive (and easier to configure) A-DLP and compliance controls, an additional layer of ransomware and Advanced Persistent Threat (APT) protection, and better visibility of policy violations and tracking of message flow. It can be deployed on-premise, in the cloud or as a managed service depending on user preference, but offering the same levels of protection irrespective of how it is deployed.
Any good security solution will remove any risk without blocking communications unnecessarily and minimizing impact on day-to-day business effectiveness. Clearswift's SEG does this via redaction of documents and emails to remove sensitive data, anti-steganography functionality to prevent exfiltration of sensitive information within image files and Optical Character Recognition (OCR) functionality to detect sensitive information within image files and scanned documents.
Negate the Doomsdayers with an Additional Protective Layer
Deploying Clearswift's SEG will also provide an additional layer of protection against phishing, ransomware, malware, and APT-based attacks. Any organization can remove the active content from common office document formats and deliver the sanitized underlying data through to its users, removing the active content that is commonly used in successful ransomware attacks. Because it removes all the active content, then there is no ability to fool the defences within M365 either.
Providing this extra layer of protection is essential for M365 to be as safe and secure as organizations want. This is why augmenting M365 with a more robust Email Security solution, comprised of Clearswift's SEG, Agari Phishing Defense and PhishLabs' Suspicious Email Analysis, has shown more comprehensive benefits and levels of threat protection unparalleled in the industry.
