Over the past few years, an increasing number of organisations have chosen to implement cloud computing, distributed system architectures, and as-a-service or subscription based operating models throughout their IT environments. The most popular example is Microsoft 365 (M365); providing SaaS (Software-as-a-Service) based versions of Microsoft’s productivity suite, which is embedded into the processes and technology stack of many businesses.
Due to the internet-hosted nature of the service, and its global popularity spanning nearly all sectors, Microsoft 365 is a common target for cyber security attacks. Email has long been the easiest and most successful attack vector for cyber criminals, using phishing attacks to either deploy malware and ransomware, or steal login credentials. Once attackers have penetrated corporate networks or resources using these methods, they can steal sensitive data, carry out malicious activities, impersonate people and systems, or simply monitor traffic and behavioural patterns over time to plan out a longer, sustained attack.
Securing a company from such attacks generally comes down to implementing layers of security, without restricting employees or users in such a way that they take measures to bypass security processes. Third-party tools can play a positive role in an organisation’s overall security posture.
Hornetsecurity’s 365 Total Protection, is specifically designed for Microsoft 365 security, protecting your business from malicious emails and files before they reach the users mailbox. 365 Total Protection integrates seamlessly with M365 by connecting directly into the service in just 30 seconds. You select the security policies and protection to apply, without having to install and manage agents, servers, or other components.
365 Total Protection comes in two editions to enhance the security of your M365 accounts, and the wider organisation:
- 365 Total Protection Business is a comprehensive security package providing email and data security for M365 accounts.
- 365 Total Protection Enterprise builds on the functionality above, by adding AI-based advanced forensic analysis and intelligence, along with business continuity and legally compliant email archiving.
365 Total Protection Business
When a user’s mailbox is secured by 365 Total Protection Business, they have a full overview of all emails for which they are the intended recipient. With real-time mail flow analysis, and Email Live Tracking, the user has at their fingertips an extensive list of filters and self-service actions to secure their email and data, without impacting productivity.
365 Total Protection is built upon a multi-stage, in-depth Threat Intelligence system, that analyses and filters new attacks or threats before they reach the users mailbox. Hornetsecurity’s Threat Blocking system will statistically block 99% of attempts to deliver spam, with the Threat Intelligence feature guaranteeing a detection rate of 99.99% for spam, and 99.9% for viruses. In both cases emails blocked or quarantined will not reach the users mailbox. The spam and malware protection systems are constantly learning and improving, through Hornetsecurity’s Security Lab and AI/ML based algorithms.
Emails quarantined as potentially unwanted can be released by the user, who can also manage their own safe and blocked sender lists, and crucially, see comprehensive detail on the status of each email communication. This helps a user to understand how a mail has been classified, for example spam, and the reason for the classification. Daily reports can help collate and stop marketing or info mails, with the user able to whitelist those relevant to them. Of course, the level of flexibility afforded to the user is defined by the company directive and policies configured.
Administrators can configure compliance filters and content control, for example to remove unwanted or unauthorised file attachments depending on the file type, content, or recipient. Outgoing emails can be encrypted, with granular control over the encryption method, and automated certificate management, protecting email communication from being viewed or changed by anybody other than the intended recipient. Where specific recipients are unable to provide email encryption the Websafe mailbox delivers a way of securely communicating with those external parties.
Finally, the implementation of a global mail security solution such as 365 Total Protection Business enables standardisation and enforcement of email signatures and company disclaimers. If desired, intelligent ads and social media buttons can also be embedded for external corporate communication.
365 Total Protection Enterprise
365 Total Protection Enterprise builds on the features outlined above, including further Forensic Analyses mechanisms to review and detect malicious behavioural patterns, fraud, spoofing attempts, targeted attacks, and identification of spy-out attacks and feign facts or click-bait. URL Malware control checks and secures all internet links and downloads, to protect against blended attacks, while the Advanced Threat Protection (ATP) Sandbox Engine adds a safe, sandpit environment to analyse suspect files. All activities can be monitored in real-time using the Real Time Threat Report.
In addition to ATP and the advanced threat capabilities, 365 Total Protection Enterprise provides GDPR-compliant email archiving, with a retention period up to 10-years. The email archive can be accessed by auditors on-demand using the web based front-end, taking advantage of the eDiscovery service for fast, complex queries or search filters.
As mentioned earlier, 365 Total Protection has a guaranteed spam detection rate of 99.9% and virus detection rate of 99.99%, with a false positive rate of only 0.00015. However, as cyber security professionals will attest, additional layers should act as a failsafe to mitigate risk as much as possible. 365 Total Protection Enterprise also caters for malware ex post alert and deletion, so that if a malicious mail has already been delivered then the threat can be quickly contained.
In the event of a Microsoft 365 service outage, 365 Total Protection Enterprise also enables users to carry on working with its Email Continuity Service, as a stand-by system. Furthermore, where 365 Total Protection Enterprise is in place, users can uplift to 365 Total Protection Enterprise Backup. This bolsters business continuity by adding automated backup and recovery, for user M365 mailboxes, Teams, OneDrive, SharePoint data, and Windows-based endpoints.
In summary, the advanced threat analysis and detection capabilities of 365 Total Protection make it a worthy addition to any security tool kit, with the logging, reporting, and business continuity capabilities affording extra peace of mind.
Whilst securing mailboxes and data, above all 365 Total Protection provides improved user experience with self-service flexibility. This dynamic approach means that the implementation is more likely to be successful in its aim to secure the organisation. As threats and attackers grow over time, the Security Labs and Threat Intelligence algorithms continue to adapt for future trends and attack vectors. The best way to see if 365 Total Protection adds value to your business is to get hands on and try it out yourself using the free trial.