Why an additional security layer is vital when you have moved or are thinking about moving your email to the cloud?
Office 365 is today’s most adopted cloud email and office application solution. Most IT admins say the reason they made a move to Office 365 is that “they no longer have the time to spend administering their on-premises exchange” However, most overestimate the security capabilities of Office 365.
It’s a well-known fact within the cyber security industry that many threats originate from email accounts within Office 365’s environment. These include unauthorised access attempts, compromised user accounts, and insider threats. Implementing an additional layer of security helps mitigate these risks and provides enhanced protection for sensitive information.
The default connection time checks for SPF, DKIM, and DMARC in Office 365 are not secure. Additionally, Office 365 has other insecure default behaviours, mainly due to legacy compatibility reasons and the need to adopt a universal approach to connection time security. For instance, Office 365 accepts emails from non-existent domain names and domains that do not accurately represent a fully qualified domain name (FQDN).
Configuration can be a big issue when the person responsible for setting up Office 365 fails to configure it correctly; failure of correct provisioning can leave you vulnerable to so many major security threats. An additional security layer simplifies the configuration process and ensures that all security measures are properly implemented to safeguard your Office 365 environment.
Office 365 is a multi-tenant environment, and its security features will not allow flexibility regarding unique targeted email-borne threats against end users. It offers a standard level of security; however, businesses with specific regulatory or industry requirements need additional security measures. Adding an extra layer of security enables you to meet your organisation’s specific needs.
Office 365’s E3 and E5 licenses are Office suite licenses that include security elements but are not fully focused on email security and threat prevention. With advanced threat protection, tailored security rules, dedicated support, and holistic email checks, you can enhance your Office 365 email security.
If an employee’s account gets hacked, outgoing emails become a threat. Using an additional security layer provides you with the benefits of monitoring abnormal trends in outgoing emails.
01
In an Office 365 outage, Topsec will queue your company’s emails, meaning emails will not be bounced or lost during the outage. We will then pass through the emails once a connection to Office 365 can be re-established.
02
Office 365 must implement common rules to cater to everyone on their cloud solution. In addition, TOPSEC can apply a unique and dynamic rule set depending on the client’s requirements.
03
Topsec provides monitored and personalised support 365/24/7. Topsec supports, monitors, informs and advises your company personally about any changes to your user accounts.
04
Topsec applies the same level of email scrutiny to Office 365 emails as any other email, whereas Office 365 may prioritise emails originating from their platform.
Topsec provides an additional layer of security to Office 365, ensuring comprehensive protection against evolving threats and vulnerabilities.
Topsec believes that prevention is better than damage control after a malware attack.
We offer the flexibility to define unique security rules tailored to your organisation’s needs, allowing you to enhance protection against targeted attacks.
Our dedicated support team is available to assist you in setting up and managing your Office 365 security solution, providing guidance and addressing any concerns.
Every email passing through your Office 365 environment goes through consistent and thorough security checks, including real-time scanning.
The Topsec Email Security Risk Assessment is a test that passively inspects emails left by third-party incumbent email systems as safe and ends up on an organisation’s email management system. In addition, Topsec puts these emails through their email security systems to reinspect them for false negatives, i.e., spam emails or emails containing malware or malicious attachments.
Total Caught as Spam: 1,500,777 detected as Spam, 500,259 rejected and 1,000,518 quarantined.
The TESRA test covered 13,553 email users over 90 days of emails received from various organisations. Within that time frame, more than 10 million emails were inspected by Topsec. These emails had already been passed as safe by the organisation’s implementation of Office 365 services with Exchange Online Protection or Advanced Threat Protection. The Topsec security test occurred passively after the incumbent email security systems had executed all their security filters and determined that nearly 1,504,010 or 15% of the 10, 014,185 emails were actually “bad” or “likely bad”. The overall false negative rate in the TESRA test of Microsoft Office 365 was 15% of all emails inspected.
Most of these emails that got through were spam, with 99.79% of the false negatives passed by the incumbent email security systems. Most spam email is not lethal; however, these messages can lead to more sophisticated attacks. As we move down the funnel, the number of false negatives decreases. However, these attacks are more lethal.
At the next level, 1,809 of the emails caught by Topsec were impersonation attacks that were missed by Microsoft Office 365. These types of malicious emails are socially engineered emails that attempt to impersonate a trusted party, a CEO, to prompt the recipient to do something they should not do in a timely manner, e.g., transferring funds to a bank account as soon as possible. These emails are harder to detect because they do not contain malware or malicious attachments. However, these targeted email attacks have significantly increased in recent years.
In the next level, 1,206 emails caught by Topsec were dangerous file types. Dangerous files cover many file types which are not sent over email, including .exe (executables) and .src (source) files. Therefore, Topsec recommends that customers block or quarantine these dangerous file types by default.
Moving down a level, 218 emails were identified to contain ‘known malware’, a term used for malware previously seen in the environment and reported as malware. Missing any known malware is a massive sign of weakness in an IT security system and worrying.
Many organisations think that their current email security systems are keeping them safe from new and emerging email-borne threats. However, the TESRA test proves that this is not the case. These days, hackers are more sophisticated, resourced and targeted, which leads to more effective email attacks. They continue to search to find holes and flaws in services such as Office 365, so it is vital that you put as many layers of security in place as your budget will allow.
Office 365 Security refers to the built-in security measures provided by Microsoft to protect user data and ensure the integrity of the Office 365 suite. These security features include threat detection, data encryption, access controls, and multi-factor authentication. While Office 365 security measures are robust, adding an additional layer of security further strengthens your organisation’s defence against potential threats.
Office 365 is essential for modern businesses due to its wide range of productivity tools and collaborative features. It enables organisations to streamline communication, enhance productivity, and store data in the cloud. However, as cyber threats evolve, an additional layer of security becomes necessary to safeguard critical data, protect against advanced threats, and meet industry compliance requirements.
Office 365 is not a security risk but can become vulnerable to various threats if not properly secured and configured. Factors such as weak passwords, misconfigurations, and human errors can expose sensitive data and compromise the integrity of your Office 365 environment. Implementing additional security measures ensures comprehensive protection and mitigates these risks.
Office 365 employs various mechanisms to protect against phishing attacks. These include anti-phishing filters, link scanning, and email authentication protocols like SPF, DKIM, and DMARC. These measures help detect and block suspicious emails, malicious links, and phishing attempts. However, an additional layer of security can provide advanced threat intelligence and real-time analysis to identify and prevent sophisticated phishing attacks.
Sandboxing an attachment will not take more than 2 or 3 minutes if installed correctly.
Office 365 incorporates encryption and access controls to ensure data privacy and restrict unauthorised access. It uses industry-standard encryption protocols to protect data at rest and in transit. Access controls, such as role-based permissions and multi-factor authentication, add an extra layer of security by limiting access to sensitive information.
Attachment Sandboxing is used to verify attachments for potential threats. It is advisable to use Attachment Sandboxing to scan attachments for malicious content before you share or download them. If you’re skeptical about a file, you can submit it to be examined. Also, it’s a good idea to scan any attachments for malicious content before retrieving them.
