In 2020 Microsoft reported over 258 million monthly commercial users of its Office 365 productivity suite. For decades Microsoft has been powering business with software like Outlook, Word, and Excel. As technology and connectivity have improved, so has functionality and user requirements. Now, over 75 million people use Microsoft Teams every month for virtual meeting experiences. Consumers of Microsoft technology have moved away from self-managed instances of services like Microsoft Exchange for email communication, and instead shifted to Software-as-a-Service (SaaS) hosted directly through Microsoft’s cloud services.
Acceleration of such services has been increased through a shift to remote working and migration to the cloud. As such, data centre and network architectures have changed to accommodate both distributed users and systems. Cyber criminals are more advanced than ever, and organisations security posture is now a priority at every board level. Financial and reputational damage from security breaches can be a huge uphill task to recover from, and in-depth security defence systems are often built-in layers to protect digital corporate assets like data. The challenge with security has always been that despite an abundance of technical solutions and investment, there are often weaknesses in the chain disguised as legitimate day to day work requirements. Email is one such example.
Email is perhaps the most widely used tool across companies, both internally and externally. It’s also the easiest and most common penetration point for multiple attack vectors. A quick internet search demonstrates eye watering statistics around the number of companies suffering security breaches, email breaches, and Office or Microsoft 365 breaches. Microsoft recorded an increase of cyber-attacks of 250% on Microsoft 365 users in the last two years, with 57% of SMBs falling victim to phishing emails in the last year. Sometimes excessive security hardening and configuration can be completely bypassed by the actions of a user acting upon what they believe to be a genuine email.
365 Threat Monitor
Hornetsecurity has released a brand new free mobile app, available from the iOS and Android store. In just a few steps, 365 Threat Monitor can be enabled on Office or Microsoft 365 enterprise mailboxes, adding monitoring, and alerting for malicious or suspicious emails that have made it through the built-in standard defences. Further email security helps provide protection against malware (ransomware, viruses, spyware), phishing, spoofed senders and content, targeted attacks on specific data or people, and spam or unwanted advertisements.
The 365 Threat Monitor app is based on key areas of Hornetsecurity’s proprietary technologies. Threat Defense and Forensic Analyses detect attacks through real-time scanning for harmful content, heuristic filtering, and authenticity and integrity verification. In Threat Monitor customer administrators gain transparency through a detailed UI about the types of threats their users and whole organisation are facing including statistics. From within the app itself administrators can immediately delete malicious emails upon detection, deflecting or containing harmful content.
To setup 365 Threat Monitor, sign up to receive a link to the free app, or download the app from the app store and sign up during the process. Once the app is installed, follow the steps on-screen to connect your Microsoft 365 administrator account. Now you’re up and running, when 365 Threat Monitor detects a suspicious email, an alert is sent directly to your phone. Information is provided on the mailbox and the context of the threat detected, with the option to delete in just 1 click. The great thing about this process is that 365 administrators can try out the functionality, examine the number of threats detected and the need for a solution, carry out end to end testing, and then scale out the product if required.
The mobile app presents information in a clear and concise format, with a clean and colourful interface. IT administrators are generally part of an on-call team to protect the organisation from security threats and outages 24/7. Providing advanced email security functionality through a mobile app is another option in the IT team’s toolkit to respond quickly and easily, without needing to open a laptop or log into a company VPN.
Customers may decide after successfully implementing 365 Threat Monitor across their enterprise mailboxes to upgrade or activate the 14-day free trial for 365 Total Protection Enterprise. 365 Total Protection Enterprise can block threats even before they reach end user mailboxes, and wraps around additional features like attachment content control, allow and deny lists, compliance filter rule engine, and email archiving with up to 10-year retention. Equally, customers may decide that the 365 Threat Monitor app, which stays completely free forever with manual and limited deletions, offers sufficient protection and visibility into their Microsoft 365 mailboxes. Either way, whether it’s a pre-cursor to a wider security rollout, or an enhancement on the default Exchange Online security, the 365 Threat Monitor app is worth running to improve potential blind-spots in security within your user mailboxes and behaviours.
In summary, the 365 Threat Monitor mobile app is a welcome addition for Microsoft 365 administrators concerned with protecting valuable company assets like data and information, much of which either resides in, or is accessible from, corporate mailboxes. Common threats we see day to day in the news, like ransomware, and targeted phishing attacks on high-risk roles such as C-level, HR, or finance, all keep security professionals up at night. 365 Threat Monitor delivers validation that the person in the email is who they say they are, and the content or links you click on are not incorporating underhand tactics to divert you elsewhere. The ease and speed of initial setup means that even just trying this software out is time well spent. Straight away you’re protected with real-time scanning, and will see your overall and individual threat levels, delivering some welcome peace of mind for many! The 365 Threat Monitor can be downloaded directly from Hornetsecurity here.
One thought on “Securing Enterprise Mailboxes with Hornetsecurity”