Barracuda Networks Vice President Chris Ross recently stated:
“The key message [for companies who have moved or who are moving to Office 365] is the additional layers of security needed.”
Office 365 includes a standard layer of security by default. However, it is not adequate to protect against advanced security challenges.
Ensuring additional layers of security are in place is absolutely crucial for businesses to remain secure while using Office 365.
Why you need a Secure Email Gateway:
Office 365 does have an inbuilt spam filter, but it’s not up to scratch.
O365 is cheap and easy to use, so it’s trivial for spammers to test their methods until they can bypass Microsoft’s spam filters.
This means there is still a need for traditional email secure gateways. They provide the best protection against inbound and outbound email threats.
Vendors in this market like Barracuda, Mimecast and Proofpoint fully focus on protecting your communications. Microsoft have less financial incentive to do so, and provide a lesser service as a result. It’s for this reason that despite Microsoft investing in their own threat protection, third party email security companies have actually seen revenues rise since the release of O365.
However, while secure email gateways are crucial, they cannot fully protect your business alone.
Attacks are becoming more sophisticated and although a vendor selling email secure gateways may have a service level agreement to stop 99.9% of threats, this still means for every 10,000 spam emails, 10 will get through.
All it takes is this one email to potentially lose your business thousands of dollars.
More Sophisticated Threats:
The way hackers are breaching email gateways is now changing. They’re more likely to disguise emails to get them into inboxes.
Imagine a castle, from Game of Thrones. Hordes of White Walkers are running at the castle walls, but not being able to get through. This is your email secure gateway, blocking the malicious emails from entering.
But what the castle walls can’t do is keep out the attackers who don’t look evil. These are the emails which may not contain any overtly malicious content, like a virus or ransomware, but instead use social engineering methods to appear legitimate and deceive users into giving up confidential information.
These are becoming more common and the consequences for businesses more severe. They are able to breach secure email gateways more effecitvely, because they are hard to detect using traditional methods of treat detection.
In the past spam that breached email gateways may have sent employees to adult websites, or exposed them to malware. But now there is much more at stake for businesses.
Attackers will send fake invoices to try and dupe companies out of money, and it’s a booming industry.
As well as these targeted phishing attacks, attackers are becoming more adept at hiding malicious links.
It’s common now for a hacker to send a link to a clean website in the middle of the night This is scanned by a secure gateway and allowed into the inbox. But by the time the recipient arrives at work, the attacker will have injected that URL with malware.
These products are powered by AI and sit inside Office 365, inside the castle walls, looking for threats. Unlike traditional gateways, these services are capable of understanding communication. They identify when something does not look right, even once it’s made its way through the security gateway.
They can tell when people are being impersonated by looking at multiple factors and scan links in real time. This ensures that people are not being fooled by malicious URLs that have made it past the secure gateway.
These platforms aren’t cheap, but businesses that have been hit by attacks will need these products and it is far better to pay for protection, then to lose money in an attack.
It is clear that to protect your business after the move to Office 365 you will need multi-layered, rounded protection.
You will need the secure email gateway in the front, blocking malicious emails from entering inboxes and advanced threat protection inside, stopping threats that have made their way through the gateway.
Make sure you choose the right email security gateway and advanced threat protection for you by reading our expert reviews. You can read reviews of the best email security gateways here.
Proofpoint Essentials uses multi-layered anti-virus, anti-spam and phishing detection engines to provide
the best possible protection against malware-based
email threats. Emails are scanned our sophisticated engines, that
quickly, accurately and effectively capture and block all known viruses.
Protect against zero-day malware, credential theft, and phishing websites with a real-time defense against all inbound emails, using various multi-anti-virus, visual anomaly detection and sandbox engines.