As organizations of all sizes continue to sign up for cloud-based services, there’s sometimes a tendency to think that guaranteeing efficient working practices and security are the sole responsibility of the SaaS provider.
After all, a typical cloud service will have had hundreds of hours invested into its GUI, in the initial design and QA testing stages, and have been re-shaped over many months’ development according to early-adopter feedback, before going to GA.
As for security, because companies are consuming complete applications – or suites of multiple applications – there’s an assumption that others are keeping those working environments safe.
Nevertheless, there are significant gains to be made by utilizing the best cloud services and applications. In the case of Microsoft Office 365, especially, there’s the history of the product, with real day-to-day workflows baked into the heart of the suite, making it the go-to solution for organizations, companies, educational institutions, and consumer-level users.
While Google’s online alternatives (Docs, Sheets, etc.) are used very commonly, the undoubted leader in the office suite as-a-service is indisputably Office 365.
But what’s becoming apparent is that, out-of-the-box, the Office 365 Suite can sometimes leave something to be desired when it comes to security. Some statistics show, for instance, that the anti-malware and anti-spam facilities (even if you pay extra) let a good percentage of malicious activity through the net.
What might come as a surprise to many, however, is that when organizations are paying for the highest levels of security Microsoft offers, Plan E5 with Enterprise Mobility + Security E5 (with features like MFA and secure remote working), they still don’t get the levels of protection and resilience that Censornet’s Defence365 offers. Furthermore, that top-ranking tier from Microsoft is around 20 percent more expensive than the Plan E3 with Enterprise Mobility + Security E3 and Defence365 added together.
You can read more about “Uncovering O365’s Blind Spots“(PDF) and solving some of the prevalent Office 365 protection and performance challenges facing organisations across the globe in the guide “Your Office 365 Journey: Securing every stage” and on the Defence365 Hub from Censornet.
Source: AdobeStock
In short, why pay more, and get less? Users can get a more productive, safer, more secure and reliable online experience by layering Office 365 with best-of-breed security like the Defence365 solution. Here’s how:
Email security
The advantages to organizations of Office 365’s use are undeniable: powerful sharing, integration with critical business tools, a familiar user interface — the list goes on. But being a giant company, the level of security that Microsoft provides “out of the box” is not as strong as the levels provided by security specialists.
The Defence365 solution, creates a working environment that is comprehensively protected from advanced email threats. That’s because the technical team at Censornet is aware of the highly personalised, smart attack techniques that today’s cybercriminals use. Often targeted at C-suite personnel, focused fraud attempts are stopped by multi-layered security which examines the many components of an email with advanced algorithmic analysis, combined with current threat intelligence.
The Defence365 solution includes advanced time-of-click protection from suspicious or malicious pages. LinkScan™ rewrites links in inbound emails at time of delivery and prevents users from visiting dangerous pages whether they click on links within minutes, weeks or months.
With Defence365, the new tricks that hackers use are quickly identified by Censornet’s unique Autonomous Security Engine – ASE – that provides fast, adaptive, and up-to-the-minute protection by sharing security event and state data between usually siloed security products: CASB, email and web protection.
This goes well over-and-above what Microsoft offers to its best-paying customers, yet the methods Defence365 employs have been proven to be more effective, time and again.
Web Security and Cloud Access Security Broker
As companies live, breathe, and do business online, in many organizations use of cloud-based services are an integral part of their daily duties. Applications and services are cheap to use, hugely efficient, and there’s a solution to fit neatly in with just about every business process.
Unfortunately, hackers know this, and therefore create fake login pages to capture credentials. Pages are designed to closely mimic those of common cloud solutions, and are often sent to unsuspecting users in carefully constructed emails emulating the real vendor’s corporate identity – with a compelling reason to log in immediately or lose access to services.
When organisations adopt Office 365, activity, communication and file storage all takes place in cloud applications. This can be a concern regarding data loss and management particularly, but with Defence365 in place, all the activity, permissions and actions become visible and controllable across the whole Office 365 suite and beyond.
Source: AdobeStock
Bonus considerations
In large businesses, IT staff are best deployed in helping the company plan its strategies, empowering users and management with the very best technology knowledge and skill — not spending their time fighting fires. For situations like that, automating security responses for email, web and cloud-based attacks can create the type of resource release that makes significant differences in competitive markets.
Where email security, web security, cloud application security and multi-factor authentication were once siloed products, Censornet’s consolidated platform makes for straight-forward management and reporting while the Autonomous Security Engine plays a crucial role in the all-encompassing Defence365 solution.
Stopping threats at machine speed? The technology takes care of it.
Email continuity
As we touched on earlier, hackers use email because it’s the most common “communication currency” in every organization regardless of size. Ensuring that email is always accessible, even when unplanned outages occur or scheduled maintenance is required, is a bugbear for systems administrators the world over.
That is, until now. As part of Defence365, organizations can choose to protect this most valuable asset with an Emergency Inbox that allows users to read and reply to new messages on the rare occasions that the Office 365 service goes down for a few hours (invariably at the most inconvenient time!).
Further, email can be archived safely with a tamper-proof service that meets the latest regulatory requirements in both the EU and the US; an essential consideration in many verticals (such as legal practices) at present, but this is a requirement that we at TechHQ are finding more often, as data governance measures spread across the globe.
The next steps
Firstly, there’s a lot of freely-available advice from the creators of Defence365, Censornet, on how to solve a variety of performance and protection challenges. There are papers to read, including the guide “Your Office 365 Journey: Securing every stage”, case studies to ponder, and videos to watch on the Defence365 Hub. Here, real-life experience from Office 365 users shows how mistakes can crop up from simple, innocent stumbles that everyone makes, like clicking a rogue email link, or visiting a website that seems really to be onedrive.liive.com but is, in fact, something a lot more malicious. (You might not have noticed that URL, but your Defence365 solution will have done!)
To learn more from a representative who will take you through what you need to keep working more productively and more confidently with Office 365, and the other online tools that you’re using too, click here or email defence365@censornet.com.
