Protect your O365 now

It seems nearly every organization in has moved their email to MS Office365, or they are planning to switch soon. Given maintenance overhead associated with on premise MS Exchange and other enterprise mail systems, the decision is easy.

While web browsers will indeed be the client OS one day, MS Outlook remains the ubiquitous application for the workplace today. Going with a different platform just brings more complexity and feels like an unnecessary uphill climb.

So, what does this mean from a security standpoint?

This enormous population of Office365 users has become the primary target for sophisticated and prolific email attacks. Criminals have applied their best technical talent toward learning the underlying operation of MS O365 and crafting customized malicious code to be more effective within that environment.

As part of this process, malware developers and hacking entities have invested significant research into the operation of the two levels of security Microsoft offers for the platform – Exchange Online Protection (EOP) and Advanced Threat Protection (ATP).

While the base EOP security for Office365 has been shown to be very effective against known variants of malware, a recent study by Osterman Research found the MSFT protection did not perform well against the growing wave of targeted and advanced threats. The higher level ATP security delivered much better results, but this comes with significant cost increase over and above the standard subscription.