Information technology has utterly transformed how we live and run our businesses, shrinking the world and accelerating everything we do. But these incredible advances come with an unfortunate and unavoidable byproduct: endless and ever-changing cyber threats.
Since October is Cybersecurity Awareness Month, it’s a good moment to reflect on the role cybersecurity plays in our digital world. Each of us have had to get smarter in our own ways about cybersecurity, whether it’s using (and not reusing) more complex passwords, adopting password managers and multi-factor authentication, or getting better at spotting fraudulent messages. At the same time, the devices and services we use have also grown more sophisticated in how they protect us.
Microsoft Defender for Office 365
One of the key tools in our cybersecurity arsenal is Microsoft Defender for Office 365. This integration comes with Microsoft 365 Business Premium, which we regularly recommend to SMB clients as it eliminates the need for additional security solutions for the bulk of most organizations’ IT needs.
Cybersecurity wizardry mostly happens behind the scenes, so we thought it would be informative to pull back the curtain and help you understand how Defender for Office 365 works.
Layers of Security
Defender for Office 365 works in conjunction with Exchange Online Protection (EOP), which is Microsoft Security’s first line of defense preventing broad, volume-based, known email attacks. The EOP cloud-based filtering service protects against spam, malware, phishing and other email threats, and it’s included for all organizations with Microsoft 365 subscriptions that have Exchange Online mailboxes.
The next security layer is Defender for Office 365, which protects email as well as collaboration tools – Teams, SharePoint and OneDrive – from zero-day malware, phishing, and business email compromise. (Plan 1 is for SMBs’ Microsoft 365 Business Premium; Plan 2 supports Enterprise licenses.)
Defender for Office expands on the EOP layer to prevent and detect threats in a few key ways:
-
Anti-phishing
- Impersonation protection for users and domains – When the sender or the sender’s email domain looks similar to a real sender or domain (e.g. échopath.com or echopath.biz) can trick the recipient into thinking it’s a legitimate message and taking some action that exposes a security risk. The protection prevents specific internal or external email addresses or domains from being impersonated as message senders, so recipients can trust their inboxes.
- Mailbox intelligence impersonation protection – Artificial intelligence identifies user email patterns with their frequent contacts and uses that contact history (both frequent contacts and no contact) to further help protect users from impersonation attacks.
- Advanced phishing thresholds – Admins can control the sensitivity of how machine learning models assess messages for the likelihood of phishing, and what actions are taken based on the degree of confidence.
-
Safe attachments and links
- Attachment checks – Email attachments and files being uploaded to SharePoint, OneDrive, and Microsoft Teams are scanned for common viruses, and opened in a safe virtual environment to ensure they’re safe prior to you having access to them. Password protected files are checked against a list of known passwords or patterns that are typically used by malicious actors.
- Link verifications – URLs in emails, Teams and Office 365 apps are similarly checked for safety before opening in a browser.
-
Investigations
- Real-time detections – Powerful reporting tools help security administrators investigate and respond to threats.
- Email entity page – Highly detailed information about every email message and anything related to them to ensure a complete record of
As you can see, Microsoft Defender for Office 365 provides comprehensive security safeguards for the most common points of entry: your email and collaboration tools.
Knowledge Is Your Best Defense
Of course, hackers are relentless in their efforts to circumvent even the best security tools. While having a solution like Microsoft Defender for Office 365 is critical to protect your organization, the ultimate line of defense is you and your team.
Here are few other common-sense steps you can keep your business safe:
- Provide regular cybersecurity training and refreshers, and generally create a cyber-aware culture by promoting best practices throughout your organization.
- Review and update your cybersecurity policy to set expectations and lay out rules.
- Evaluate cyber insurance and determine what measures would help lower premiums.
- Implement, test and revise your business continuity and disaster recovery plans.
Our digital world is full of both promise and peril. But with the right technology and some savvy, we can get the most out of what it offers safely.