Office 365 has turned out to be a revolutionary product for Microsoft. By subscribing to the complete suite of Office productivity tools in the cloud, organizations of all types and sizes can:
- Enjoy the freedom and flexibility to access their applications and documents anywhere they happen to be, from any authorized device.
- Easily communicate and collaborate with the rest of their team.
- Access standard Microsoft Office applications that are always up to date with the familiar user interface.
- Benefit from cost savings and scalability.
- Benefit from data loss prevention and backup in the cloud.
Microsoft has done a good job of building security and compliance features into Office 365. That's one of the reasons we heartily recommend and endorse the product for our clients.
But it's not enough.
No Product is 100% Hack-Proof
"It is true that Office 365 has inbuilt security features," says Kevin Nejad, President and CEO of Vijilan Security. "These are easily seen in the Exchange Online Protection (EOP) service offered by Microsoft. EOP can be seen as a significant improvement over Forefront Online Protection for Exchange (FOPE) used earlier than EOP. These improvements are discernible in that it uses signature-only scanning to detect spam and malware."
By the simple fact that Office 365 is so ubiquitous, it's a big, fat target for cyber-criminals who find ways to get around all that built-in security. The truth is, no product will ever be 100% hack-proof, which is either distressing - or confirmation of the triumph of human ingenuity.
Nejad notes that signature-only scanning to detect spam and malware has proven insufficient in tackling phishing scams. He says, "Some users have reported that 3-4 suspicious emails make it through to their inboxes every week. For a company with thousands of users, for example, many of whom will happily click on attractive-looking links, any spam that attracts a click is a potential disaster."
Office 365 Integration with SIEMs
"At Vijilan we are uniquely aware of the challenges facing SMEs with regard to the maintenance or migration to Office 365," says Nejad. "The program has proven to be a great collaboration and productivity tool for businesses across multiple sectors. The cloud-based nature of Office 365 most certainly is appealing to companies not wanting to pay for email servers. However, securing the program against hackers cannot be left up to the program itself and requires a trusted security partner."
Our security experts recommend a second layer of protection to Office 365 and other cloud services. This is where Vijilan’s ThreatRespond comes in. By applying a fully managed SIEM-As-A-Service product to monitoring not only the products you have that are cloud-based, but all devices connected to the network. Any suspicious changes or activity can be dealt with in near real time. This means faster detection in the event of an attack as well as faster remediation.
Nejad says, "Another advantage of ThreatRespond is the ability to evolve with the threat landscape. This is done by the creation of correlation rules. By creating an advanced set of correlation rules, we can apply our threat intelligence across all our partners no matter what industry they cater for. As a new malware variant is detected a correlation rule can be applied or modified to detect and prevent infections. As the threat landscape evolves SIEM technology has the ability to evolve. This ensures that potential weaknesses in security in Office 365, for example, can be shored up and defended against."