Top Email Security Solutions For Office 365

Proofpoint offers multiple threat protection features to stop data breaches and email threats. Proofpoint uses multi-layered email security engines to prevent threats like spam, malware and phishing attacks. This includes URL defense (Safe Links) to block malicious email links at time of click, and anti-virus engines to stop ransomware attacks. Research from SE Labs shows Proofpoint Essentials has one of the highest threat total accuracy ratings of all the market leading email security vendors.

Proofpoint Essentials is very easy to deploy with Office 365. Essentials is deployed between the Office 365 environment and the internet, sitting in front of your Office 365 tenant. To route mail to Office 365 requires changing your MX records. Because Essentials sits in front of Office 365, all emails are scanned to ensure they are safe. Infected and spam emails are automatically quarantined. Outbound emails are also routed via Proofpoint thus allowing data leakage (DLP) rules to be easily applied to stop confidential information being emailed out.

Proofpoint can be configured to allow end users to access their own quarantine, email archive and, manage their allow/deny lists, which helps to save IT departments time.

Avanan uses machine learning to analyze historical emails and learn each users’ communication patterns, enabling the platform to detect any signs of user impersonation and even the most current zero-day threats. It scans communications for over 300 indicators of account compromise, including domain, location and time of sending, and flags suspicious emails to mitigate against BEC attacks. Avanan’s advanced threat-hunting capabilities detect malicious behavior in real-time across the entire network, including suspicious URLs and attachments, and internal messages sent via other cloud-based applications, such as Microsoft Teams.

The Avanan platform is quick and easy to deploy: users looking to configure the solution manually can do so within minutes, without having to change their MX records. Those looking specifically for Office 365 protection can also secure their business quickly and efficiently via the Office 365 app. We recommend Avanan as a strong solution for any sized organization looking for powerful threat detection and mitigation within an Office 365 email environment.

SpamTitan provides strong inbound threat protection, with multi-layered threat protection engines, including link analysis, full attachment sandboxing, zero-day attacks protection, mail spooling and spoofing protection. SpamTitan offers protection against advanced inbound threats such as ransomware, and also provides outbound email protection, with SPF, DKIM and DMARC checking. Admins can configure granular threat protection policies, including setting allow and deny lists, customizing data loss protection rules, and setting policies by users, domains and domain groups. SpamTitan also provides email encryption, helping to secure Office 365 emails and meeting compliance regulations.

SpamTitan is easy to manage and quick to deploy into the Office 365 environment. SpamTitan provides far more effective email filtering than the default Office 365 systems, while also offering more granular controls and policies than Microsoft allows. SpamTitan also provides backups for Office 365 mails servers to ensure business continuity, so if Office 365 is unavailable, users can continue to view incoming emails in a secure SpamTitan portal. SpamTitan also offers a strong range of outbound mail controls for Office 365. SpamTitan is popular with customers, who praise the service for its ease of deployment, cost-effective pricing and high-quality technical support.

Phishing attacks are perhaps the biggest threat facing businesses using Office 365. IRONSCALES’ provides a robust layer of security with their email protection platform. IRONSCALES also provides a suite of security awareness training tools, allowing admins to easily create simulated phishing emails, and test users effectiveness with spotting suspicious email attacks.

IRONSCALES combines machine learning technologies and human threat intelligence to identify malicious emails and remove them from user inboxes. Machine learning engines use contextual analysis, looking at factors like domain, time emails were sent, attachments and location to identify suspicious and malicious emails and remove them. IRONSCALES also allows end users to report emails that don’t look right with a button directly in the Office 365 mail app, on desktop or mobile. This intelligence is shared across their client base, so a phishing attack reported by an end user be shared to IRONSCALES customers all over the world.

IRONSCALES is built for use with Office 365. It integrates seamlessly with your Office 365 environment without requiring any configurations or new mail flow rules. Deploying the service is extremely easy – deployment takes 2 clicks and doesn’t require any MX record changes or rules to be setup. IRONSCALES is an ideal platform for stopping phishing attacks for organizations using Office 365.

Mimecast provides comprehensive security for Office 365 cloud email with a range of solutions. Mimecast sits in front of your Office 365 tenant, using multi-layered threat detection engines to defend against attacks like spear-phishing, malware, viruses, spam and data breaches.

As well as stopping malicious emails from entering your email network, Microsoft Internal Email protect is deployed inside your email perimeter to detect and remediate against internal threats. This is designed to be used alongside Mimecast’s Security Awareness Training to protect users against sophisticated attacks such as spear-phishing and email fraud. Mimecast also offers mailbox-level compliant archiving of email data, with e-discovery support, legal hold and Office 365 disaster recovery

Mimecast also offer email encryption and DNS filtering, which is all part of their single security solution which is ideal for Office 365 users. Mimecast also offers Office 365 migration tools which can help to speed up and secure migration to the O365 platform. This automatically archives legacy emails and helps to ensure continuity in the case of network outages.

Menlo’s Isolation platform addresses the gaps in email and web security that are open for attackers to exploit in Office 365. Menlo stops email attacks by fully isolating all potentially malicious content that can be spread via email, including URLs and attached documents, without interrupting the end user work-flow. Menlo’s phishing protection solution rewrites all web links, opening all content in isolation so there is no path for any malicious content to infect end user devices. In addition, Menlo will open all suspicious links sent via email in ‘read-only’ mode, in order to stop phishing attacks that look like genuine web pages. Menlo Security also provides document isolation, which provides safely rendered access to any attached files like PDFs and word documents sent via email, helping to stop malware and ransomware attacks.

Menlo Security is particularly well suited for use with Office 365. The Menlo platform is able to track how O365 users interact with web links, and provides greater investigative abilities for forensics, reporting and auditing than the inbuilt 0365 reporting. Menlo Security is straight forward to deploy with Office 365, it’s fully cloud based, and causes no interruption in email sending or changes in user experience.

Defender includes threat protection policies, reports and investigation and response capabilities. Threat protection features include Safe Attachments, which checks email attachments for malicious content, and Safe Links, which provides time-of-click URL verification to prevent access to malicious web pages. Defender also includes anti-phishing protection. This module uses machine learning and impersonation detection algorithms to detect and block phishing attacks. However, this solution is not as effective as some third party solutions, such as IRONSCALES or Proofpoint. Microsoft Defender can however protect SharePoint, OneDrive and Teams from malicious files, which not many third party solutions can do effectively.

Research undertaken by third parties and other security vendors have found some significant issues with Defender’s threat protection capabilities, specifically with regard to its anti-phishing protection module. Research from SE Labs gave Defender a 35% total accuracy rating for detecting email attacks. Other vendors such as Avanan point out the relative immaturity of Advanced Threat Protection compared to other email security vendors on this list, and the ease in which hackers are able to create an Office 365 account and learn to evade security policies. On the other hand, Microsoft Defender is built for use with Office 365. It integrates seamlessly with your Office 365 environment without requiring any configurations or new mail flow rules. There are two versions of Microsoft Defender for Office 365 available, a starter tier which includes threat protection policies, and an advanced tier which also includes automated investigation and response.

The Microsoft Complaince Center is a home for monitoring and managing security across Microsoft accounts, data, devices, apps and infrastructure. It allows admins to easily view the health of their organization and configure devices, users and apps. It also provides alerts when suspicious activity occurs. Microsoft provides organizations with a Secure Score, with detailed reports and information on security posture and areas which can be improved.

From the Compliance center, admins can protect against data loss by adding labels to classify documents, email messages and websites.  When a label is applied, this content is autamatically protected based on user-settings. This means that admins can create labels to encrypt files, and control user access to specific websites, for example. From here admins can also manage role-based access controls and proactively search for malware, suspicious files and activities.

Agari is fully focussed around protecting businesses from sophisticated email threats like phishing and business email compromise. They offer three threat detection products, Phishing Defense, Phishing Response, and Brand Protection. Phishing Defense is powered by Agari’s identity graph. This technology uses the relationships and behavioral patterns of brands, individuals individuals, brands, businesses, services, and domains using hundreds of characteristics, to identify anomalous behavior and determine the risk of emails being suspicious. This allows Agari to identity compromised accounts and block zero-day phishing attacks which would slip through the gaps in traditional security technologies’. Their Phishing Response module integrates with Office 365 to allow employees to report phishing attacks, which are then analysed by Agari and removed if needed. Agari claims to block 99.9% of advanced email attacks.

Agari is built on a cloud-native architecture, which can be integrated easily with Office 365 and Azure Active Directory. Agari also provides a deeper level of analytics than using Advanced Threat Protection alone for phishing protection. A common use case for Agari customers is using Office 365’s inbuilt spam filter to stop spam and unwanted bulk mail, as well as filtering unsafe URLs, and then using Agari’s platform as an extra layer against business email compromise and phishing attacks that are missed by Office 365 itself.

Vade Secure utilizes machine learning models that perform real-time behavioural of all emails, URLs and attachments, looking for malicious contents. Threat detection data comes from over 600 million protected mailboxes globally. Vade Secure delivers multiple threat protection features. Vade analyses URLs and emails in real time, to protect against phishing attacks, and uses behavioural based machine learning to display warning banners on suspicious emails. Vade Secure also provides behavioural based anti-malware, which scans the origin, content and contents of email and attachments to stop the spread of malware and ransomware. Vade automatically removes emails they detect as being malicious, and allows admins to remove harmful messages in once click.

Vade Secure provides a fully native user experience for Office 365 users. It integrates with Office 365 via the Microsoft API, and so is easy to deploy, with no MX record changes required. Users are also therefore able to use Vade Secure to compliment Office 365’s inbuilt spam protection and Advanced Threat Protection. Vade uses Outlook folders to automatically sort grey-mail for users, but doesn’t offer a separate email quarantine for end users as a SEG solution would. Vade Secure has an MSP focus, offering customers using O365 simplified customer onboarding and provisioning.

Cisco Email Security sits on top of Office 365 to filters malicious emails, blocking ransomware business email compromise and phishing attacks. Cisco’s threat protection is powered by their market leading threat intelligence team. Cisco provides protection against URL-based threats like phishing attacks with real-time URL analysis, and protection against ransomware, with. Malicious file scanning and automatic mailbox remediation. Cisco’s platform offers admins a much greater level of control over emails than offered in Office 365 as standard, with much more granular threat intelligence and reporting. It’s a popular choice for education and healthcare organizations for these advanced policies, and high level of threat protection.

Cisco Cloud Email Security is designed to automate and speed up identifying and removing threats from Office 365. CES is an email security gateway solution, that sits between Office 365 and external domains, so it does require MX Record changes. However, customers in education report that the service can be deployed very quickly, with favourable licensing. Cisco also provides warnings to users inside their email inbox, alerting users when emails look like fraud attempts, alongside traditional spam and malware filtering.