Has your business invested in Microsoft 365? Good move! It’s a great cloud-based platform for business communication and collaboration, including its comprehensive email capabilities.
However, an investment in Microsoft 365 (formerly called Microsoft Office 365) is more than just an investment in the solution – it’s an investment in your entire business.
This is particularly true if you rely heavily on the email features in Outlook, which most of us do.
Although Microsoft 365 does provide some security features, including Advanced Threat Protection (ATP), it still has some holes that you should be aware of.
The rapid expansion of Microsoft 365 has made it a very attractive target, and thus more and more threats are emerging, specifically the frequency of phishing attacks.
The frequency of phishing within Outlook is estimated to cost the average organization 1.3 compromised accounts each month, according to Help Net Security.
Email scams have increased in both sophistication and intensity – according to the Webroot Threat Report, nearly 1.5 million new phishing sites are created each month.
In fact, this shady business is so successful phishing attempts have grown 65% in the last year alone!
According to the SANS Institute, 95% of all attacks on business networks are the result of successful spear phishing attacks. In other words, a human opened an email and either clicked on a link or opened a file that they weren’t supposed to.
But while regular phishing typically involves mass mailings, spear phishing emails can appear to come from your own IT department, your own HR department, from a friend or colleague.
That’s why they’re so much easier to fall for – they set up a level of trust right from the get-go.
Email security threats can’t be dismissed as something that won’t happen to you – no company or vertical is immune. Smaller businesses are actually considered easy pickings because they don’t devote as many resources toward cyber security protection as larger organization do.
And when email goes down, most businesses tends to grind to a halt, not to mention the damage that a successful cyber-attack can do to your business.
According to a Ponemon Institute report, a successful attack costs businesses an average of $2.2 million, when you add up not only theft and damage to IT assets, but to disruption to business operations.
That's where the real costs come in - businesses tend to underestimate the cost of downtime.
There’s no reason to overlook Microsoft 365 as a terrific and cost-effective productivity suite, but you do need to consider layering on additional security above and beyond Microsoft ATP.
There are many solid third party email security solutions that will pick up the slack where ATP is insufficient.
Cloud email security solutions, including a wide range of products from vendors such as AppRiver, can be crucial to protecting your investment in Office 365 and limiting your security risks.
As a minimum, start out by deploying advanced phishing and malware protection.
The default settings on Office 365 leave gaps for unwanted email, malware, and phishing leaks to get through.
Although they can be customized, it takes an expert to do it, and it can interfere with with the application's functionality.
Here are two important recommendations for added email security:
The threats that businesses face with their email solutions can be daunting. There are many robust solutions out there that are available to keep you secure, so be sure to ask a trusted IT consultant to help you figure out which is the best solution for you!
Interested in learning more?
We recommend this excellent e-book from our partner AppRiver - The Essential Guide to Protecting Your Office 365 Investment with Robust Email Security - which will give you more details on how to protect your Office 365 Outlook environment.