Add-ons secure Office 365 from advanced attacks

Microsoft adds features to further secure Office 365 against advanced threats, such as email phishing attempts and malicious attachments.

Security concerns keep IT decision-makers on their toes. Cyberattacks against organizations have grown more sophisticated; attackers can shut down a business by slipping a ransomware infection past the protections IT staff put into place. Standard antivirus and malware tools are not enough.

Microsoft has added several new security features and capabilities to secure Office 365 and help organizations protect themselves from numerous threats.

Previously, Microsoft's only way to secure Office 365 customers was through Office 365 Exchange Online Protection (EOP). The company included the add-on in its enterprise plans, but customers could also purchase it for other service plans. EOP targeted messages that contain known signatures that match existing spam, phishing, virus and malware, delivering multilayered protection. But similar to other signature-based antimalware products, infections and ransomware variants still snuck past protections.

EOP alone isn't sufficient. Enterprises need functionality to detect and protect against new threats. In response, a number of companies in finance and healthcare use external and non-Microsoft tools.

Microsoft's enterprise plan (E5) addresses these gaps by adding several security capabilities, which the company makes available for subscribers on other plans as the Office 365 Advanced Threat Protection add-on. Some of the enhancements and security capabilities available to Office 365 users either in the E5 plan or as an add-on are:

Protect from phishing attempts

It is no longer enough to tell end users not to open attachments from senders they don't recognize or know. Many phishing incidents and infections now come through email messages that appear to be from a manager or executive at the recipient's organization.

To secure Office 365, Microsoft offers a Safe Attachment feature in which the platform performs real-time behavioral malware analysis. This analysis uses machine learning to evaluate the content for suspicious activity and offers significantly better protection than the signature-based antivirus and malware products.

Defend end users from malicious sites

Microsoft added a layer of protection from URLs that show one site in the description but redirect end users to a malicious site that contains exploit kits and other harmful content. To avoid those incidents, Microsoft's new Safe Links feature scans the content of the redirected website. If Advanced Threat Protection deems the site unsafe, Safe Links issues a warning to the end user or blocks them from proceeding to the site.

Detect suspicious activities

The Advanced Security Management feature has a set of alerts that notify IT of suspicious activities within the Office 365 environment. The tool uses advanced algorithms and machine learning to monitor the different Office 365 activity logs to detect potentially malicious activities and raises alerts when the platform detects anomalies. Customers can purchase Advanced Security Management or add it on to an existing plan.

Office 365 analytics could help -- or hinder -- O365 adoption

For Microsoft's Office 365 platform to continue gaining popularity among enterprises, Office 365 analytics need to take a front seat. Analytics engines power the portfolio of services, promising to make companies more efficient and intelligent by providing real-time data on employees' work habits.

Pinpoint the most susceptible end users

Some IT managers say many of their company's executives and high-level employees are targets for malware and ransomware in emails because the attackers will single them out as targets based on high-profile positions. New security features in Office 365 Advanced Threat Protection can generate security reports and trace messages, which enable IT to determine which end users are being singled out as targets. It also identifies which users have clicked on malicious URLs in email messages. This feature helps IT focus on the end users who are more likely to click on links to educate them about associated dangers.

Office 365 security management improvements

Microsoft added features to ease the administrative workload in Office 365. For example, administrators can type a question in the search box on the main landing page. Entering phrases such as "reset password" or "change roles" into the search box triggers the system to provide a link or shortcut to navigate to that section of the website. Microsoft also put its security components in the Security and Compliance Center, so admins who want to secure Office 365 can go to one section of the website and administer all the security features and configurations.

Next Steps

How to test phishing vulnerability of users

Implement and refine multilayered security in Exchange

Client Access policies improve Office 365 security

Dig Deeper on Office 365 and Microsoft SaaS setup and management