Microsoft Office 365 adoption continues to flourish among businesses of all sizes. In fact, CIO.com reported that, “Office 365 is the company's fastest growing commercial product ever, and adoption shows no sign of stalling.”
Today email security is no longer just about hygiene, anti-virus and anti-spam, it needs to include the protection of critical information through a data loss prevention (DLP) solution as well. For many, Office 365 security is not adequate for the modern enterprise as it does not protect against some of the newest information bourn threats which can result in a security incident. Augmenting Office 365 security will enable organizations to prevent financial, reputational and legal risk of sensitive data loss.
Here is a list of the ‘Top 10 Microsoft Office 365 Email Security and DLP Concerns’ alongside the positives of augmenting with Enterprise designed solutions:
|Microsoft Office 365 Alone||…with Enterprise Strength Security|
|1||Limited ‘stop and block’ approach to DLP to remove sensitive data, leading to potentially high number of false positives and burdensome impact on the business and IT||Adaptive DLP solutions offer more flexibility and control in dealing with policy violations and enabling continuous collaboration|
|2||No data redaction of sensitive information sent in email and/or attachments||An Adaptive DLP solution can automatically remove critical information, e.g. a credit card number, while leaving the rest of the communication to continue to the destination|
|3||No ability to sanitize messages and documents sent by email to remove ‘hidden’ information||An Adaptive DLP solution can automatically remove ‘hidden’ information which can cause reputational damage, for example document properties and version information – but leave the rest to continue to the recipient unhindered|
|4||No advanced threat protection of documents to remove active content and other potentially malicious components||An Adaptive DLP solution can automatically remove active content which may contain APTs and other malware from any document entering the organization|
|5||Inability to centrally manage and keep data loss policies consistent across multiple communication channels||Enterprise DLP needs to stretch across more than just email and have consistent policy across all channels, including web, endpoint and social media|
|6||Limited number of notification options||In the event of a policy violation multiple notification options are required. Adaptive DLP solutions enable the sender’s manager to respond, not just the IT department|
|7||Poor reporting||Enterprise strength security reporting is essential as a component for compliance and audit reporting. Default reports need to be able to be customized for each organization depending on their needs|
|8||Limited encryption options||Enterprise encryption options need to include PGP, S/MIME, ad hoc and portal based. Furthermore, selection of the appropriate needs to be based on policy with includes content and context|
|9||Lack of outbound email quarantine||Multiple quarantine areas for different policy violations, enabling appropriate segregation of data and duties|
|10||Limited email security hygiene options||Enterprise security is multi-layered, with the ability to have multiple anti-virus and anti-spam options and advanced detection options|
While Office 365 offers basic email security to help with spam and malware, there is still a lack of focus and functionality around data loss prevention which is required by companies of all sizes today. This may prevent organizations from seriously considering an Office 365 deployment, however when adopted alongside an Enterprise-strength solution, it is possible to overcome the limitations.
To learn more on how to address the Top 10 Office 365 Email Security and DLP Concerns, please review Protecting your information in Microsoft Office 365 and ARgon for Email, powered by Clearswift.