When Office 365 was first launched in 2011, it wasn’t immediately clear that it would be the major success that it has turned out to be. While the popularity (and ubiquity) of Microsoft Office was not to underestimated, at the time there remained concerns about the viability of a cloud-based version, with people concerned about the security and uptime with cloud software.
In 2020, those concerns have been mostly allayed. According to Microsoft's FY20 Q1 results, Office 365 now has 200 million monthly active users, with around three million users coming on board every month. Misperceptions about general levels of cloud security have abated, and Microsoft has made commendable efforts to keep Office 365 safe and secure. Yet Office 365 remains a major target for cyber criminals and hackers are becoming more sophisticated and targeted in their approach. That’s why it makes it more surprising that many organizations feel that the security within Office 365 is sufficient. It really isn’t.
To keep Office 365 safe and secure, it requires an additional layer and Clearswift is the perfect complementary security solution for Office 365.
Hackers and Office 365
Office 365 requires that additional layer because once an attacker gets into one Office 365 account, they can then potentially use that to access other accounts and do far more damage. That’s why hackers have really upped their game when targeting Office 365, these are just some of the ways in which they do so:
- More realistic phishing campaigns - Office 365 phishing scams are becoming much more realistic, whether that’s using a pretend live chat feature, mimicking a meeting request from a colleague or a non-delivery email that asks the user to resend. Clicking on the link in such communication will take the user to a phishing site that looks like an Office 365 page.
- New ways of using malware – hackers can now include malware in images and documents, and when sent to a user from what may look like a legitimate email address, can inject that malware even during a preview. Office 365 does not check the source of a document before previews and this can leave a majority security hole for organizations using Office 365.
- Bypassing Office 365 security – sometimes hackers will find a way around the Office 365 security completely. In a 2019 attack known as NoRelationship, hackers bypassed Office 365’s file filters, which do not always scan entire documents to ascertain the threat, relying on xml.rels files to list the external links within the document. The NoRelationship attack saw the cyber criminals remove the external link entries, preventing filters from identifying any threat.
Clearswift Secure Email Gateway + Microsoft Office 365
Deploying the Clearswift Secure Email Gateway (SEG) alongside Microsoft Office 365 however, can address all the above attacks and more, without compromising any of the features that make Office 365 such a popular business tool.
The enhanced Adaptive Data Loss Prevention (A-DLP) defences within Clearswift SEG mean that it can offer more comprehensive (and easier to configure) A-DLP and compliance controls, an additional layer of ransomware and Advanced Persistent Threat (APT) protection, and better visibility of policy violations and tracking of message flow. It can be deployed on-premise, in the cloud or as a managed service, depending on user preference, but offering the same levels of protection irrespective of how it is deployed.
Any good security solution will remove any risk without blocking communications unnecessarily and impacting on day-to-day business effectiveness. Clearswift SEG does this via redaction of documents and emails to remove sensitive data, anti-steganography functionality to prevent exfiltration of sensitive information within image files and Optical Character Recognition (OCR) functionality to detect sensitive information within image files and scanned documents.
An additional layer of protection
Deploying Clearswift SEG will also provide an additional layer of protection against phishing, ransomware, malware and APT attacks. Any organization can remove the active content from common office document formats and deliver the sanitized underlying data through to its users, removing the active content that is commonly used in successful ransomware attacks. Because it removes all the active content, then there is no ability to fool the defences within Office 365 either.
Providing this extra layer of protection is essential for Office 365 to be as safe and secure as organizations want. Clearswift has a long history being deployed alongside Office 365 and it makes for a truly compelling partnership.