Threat reports and new vulnerability discoveries are a critical piece for threat intelligence teams, as they help to provide awareness of attack campaigns and their evolution. As they gain this awareness, companies can build cyber resilience into Office 365 in the following ways:
Protect against phishing. Email is the number one cyberattack vector, meaning companies of all sizes need additional security protection beyond what’s included in the predictable costs and simplicity that Office 365 offers. Without additional defenses, businesses remain vulnerable because of exploits aimed at their end users.
Get true backups. Attacks happen, and as they become more sophisticated the chance of human error increases, opening the door for attackers. When attacks do happen, companies with backups can retain access to email and business records during an attack to be able to recover immediately afterward. An example of this in action recently was in the now infamous Baltimore cyber attack earlier this year. According to DarkReading’s Jai Vijayan, “The government of Baltimore reportedly lost a lot of key data in ransomware attacks earlier this year because it did not have basic policies for backing up employee systems.” Because the attack resulted in millions of dollars in damages and shut down vital city services, the Baltimore cyber attack may be an extreme example, but the costs associated with data loss, productivity, and revenue can be just as severe for major enterprises. In addition, Mimecast Sales Engineer Mikey Molfessis notes, “the volume of users on cloud-based email services such as Office 365 means there is more malware created for these environments. Criminals know they have only one lock to pick to gain access, so they focus their attention on these email cloud services because of the potentially large payoff.”
Improve admin efficiency. According to Osterman Research’s Ten Questions to Ask About Your 365 Deployment, Microsoft Security and Compliance provides administrators with only a piecemeal view of the threats their organizations face across various threat vectors. This puts the onus on administrators to manually correlate issues to gain a full picture view of the environment’s threats. By adding an advanced email security protection to Office 365, administrators can improve efficiency with one single interface for security, continuity and archives.
Ease the transition to Office 365. Hybrid environments are the way forward for many organizations, particularly at the large enterprise level; these companies use combinations of both cloud-based and on-premises email management systems. However, for companies whose goal is to move completely to the cloud, the transition can be time-intensive. As a result, the ability to secure multi-platform, multi-vendor email environments is essential.
Get redundancy during email platform outages. Office 365 is known for its global, long-term, continuity; however, disruptions at the local level can happen. According to the Osterman Research report, “Even short outages can have serious consequences. For example, users who cannot send email using their corporate Office 365 account will often revert to their personal email account to conduct business, thereby bypassing corporate security and increasing the likelihood that dangerous content – such as phishing attempts that contain malicious links or attachments – will reach end users. In addition, business records in email will not be captured by the enterprise archiving or backup systems. The use of a secondary, backup solution that will maintain the continuity of email processing is an important addition that will help organizations remain both secure and compliant during an Office 365 outage.”
Email is at the intersection of a high amount of risk. That risk will only rise as attackers learn to better evade detection systems. Given that Office 365 has 162 million users as of January 2019, and email is Office 365's most intensively used service, the time for enhanced cyber resilience within Office 365 is now.