Protecting Office365 with SpamTitan

Protecting Office365 with SpamTitan

  • September 7, 2017

Office 365 adoption is continuing at a strong pace. With such a massive user base Office 365 is profitable prey for a persistent
hacker familiar with how Office 365 works. As ransomware and phishing attacks increase, Office 365 has become a primary target,
making it vital for IT professionals to take proactive steps and “hack-proof” their O365 environments. Microsoft has made great
strides in cyber security, yet headlines continue to report countless exploits where hackers have undermined an O365 environment

Targeted Attacks on Office 365

According to a recent study by IBM Security, the number of emails
containing ransomware has increased 6,000% between 2016 and 2017.

Today the risk is greater than ever. Without appropriate
protection Cloud-based email systems like Office 365
are vulnerable. Just last year the Office 365
the environment was hit by waves of Jaff and Locky
ransomware attacks.
At the start of 2018, specific threats targeting
the Office 365 environment appeared, such as
“ShurL0ckr”, which goes undetected by Office 365

What email protection Office 365 offers

If your company has moved to Office 365 as a hosted email solution, your email is being hosted in a Microsoft Data Centre
and most likely being filtered using Microsofts Exchange Online Protection (EOP). Although the Office 365 spam filter offers a
reasonable level of security, some businesses find it basic and lacking when it comes highly-sophisticated cyber threats especially
advanced and persistent spear phishing attacks. Let’s take a closer look at the strengths and weaknesses of Microsoft Office 365:

How to strengthen your Office 365 security against Spam and Malware
through a defense in depth approach

With this approach, security is not dependent on any single layer, especially in the event of an attack. Office 365 offers 2 levels
of email security, “Exchange Online Protection” and “Advanced Threat Protection” for a protection level in the low-middle of the
market, according to an SE Labs study, “Email-hosted protection” published in August 2017. As email security experts with over
20 years’ experience we know new malware can penetrate the usual email filtering mechanisms. It has long been the case that
older email protection technologies, like analysis reputation and fingerprinting, are no longer effective against the evolution of
these threats.
Recent research by Osterman identifies that Microsoft’s EOP can detect 100% of all known viruses with updates every 15 minutes.
However, the research found it to be less effective against unknown or new malware delivered by email. System Administrators
implementing Office 365 need to make sure it’s secure by layering in a dedicated secure messaging and spam filtering solution like
SpamTitan to protect against advanced persistent threats. To protect against advanced threats you need advanced protection

Zero Day Attack

A zero-day attack can occur when you click on an email attachment infected with malware. Once you open the attachment, the
malware can exploit any security holes that exist in your email client software or in your PC. The only secure solution for email
uses the ability to anticipate new attacks is using prediction.
Unfortunately, Office 365s email security features don’t match the features of many dedicated on-premises and cloud-based
email security gateways, which include pattern learning and intelligence. The only secure solution for email includes the ability
to anticipate new attacks using predictive technology.

  1. Predictive techniques including Bayesian analysis, heuristics, and machine learning to block new varieties of spear phishing, whaling and zero day attacks before they reach your mailbox.
  2. Default Spam Titan features which are optional with exchange online protection such as advanced threat protection anti-typosquatting protection, link protection email encryption.
  3. SpamTitan focuses on a defense in depth approach protecting against malware threats, spear phishing attempts and zero-day attacks

Data Leak Prevention

While, SpamTitan includes enhanced spam blocking and protection from malware, viruses and phishing emails, the product adds
an additional layer of protection from data loss while making your Office 365 implementation easier to manage. We also add
powerful, data leak prevention rules to prevent internal data loss, as an example tagging keywords, social security numbers, etc.
It takes powerful phishing protection solutions to defend your organization against ever-evolving email phishing scams as well
as protecting your organization’s mission-critical data.

Advanced Phishing Protection

SpamTitan provides phishing protection to prevent whaling and spear phishing by scanning all inbound email in real-time.
SpamTitan searches for key indicators in the email (header, domain information and content) which suggest an email might be a
phishing attempt. SpamTitan will also perform reputation analysis on all links (including shortened URLs) contained in emails and
block malicious emails before being delivered to the end user.

  1. URL reputation analysis during scanning against multiple reputation.
  2. Detect and block malicious spear-phishing emails with either existing or new malware.
  3. Heuristic rules to detect phishing based on message headers et al. These are updated frequently to address new threats.
  4. Easy synchronization with Active Directory and LDAP.
  5. Spam Confidence Levels can be applied by user, user-group and domain.
  6. Whitelisting or blacklisting senders/IP addresses.
  7. Infinitely scalable and universally compatible.

For more Information or a free demonstaration please contact us .