0365-security-and-compliance-1

It’s crucial that organizations using Office 365 find and implement a strong, multi-layered email security solution for their users.  Office 365 has quickly become the most popular cloud based platform, making it a prime target for attackers looking for an easy way to compromise email data. In the cloud, email has remained the number one threat vector, with attacks like phishing attacks, spam and ransomware becoming major issues for many businesses.

You need to look at secure Email Gateways, which filter malicious emails before they enter users’ inboxes, Phishing Protection platforms that automatically remove phishing attacks, and email encryption solutions that secure email communications.

Where can you start?

  1. Enable 2FA (Two Factor Authentication) – This will offer the first level of defense for detecting if someone is accessing your emails. If you do not have this now contact us now by sending an email to support@impresscomputers.com
  2. Employee Training – as simple as this sounds, your biggest defense is really ensuring that your employees are not clicking on links or attachments and alerting your IT team immediately if they make a mistake
  3. Ensure that you have a Zero Trust Platform, that does not allow anything except known good, white-listed programs to run, along with a ring fencing options.  We have an example of how this runs.. click here to view.
  4. Enable Microsoft Defender for Office 365. This would add a cost of $2 per email per monthMicrosoft Defender for Office 365 (formerly ATP) is Microsoft’s security platform built for enterprise customers on Office 365. Defender protects organizations against malicious email threats like phishing, malicious URLS and collaboration tools. Defender is included in some Office 365 subscriptions such as the Enterprise E5 tier, and can also be purchased as an additional add-on solution.Defender includes threat protection policies, reports and investigation and response capabilities. Threat protection features include Safe Attachments, which checks email attachments for malicious content, and Safe Links, which provides time-of-click URL verification to prevent access to malicious web pages. Defender also includes anti-phishing protection. This module uses machine learning and impersonation detection algorithms to detect and block phishing attacks.  Microsoft Defender canr protect SharePoint, OneDrive and Teams from malicious files, which not many third party solutions can do effectively.Microsoft Defender is built for use with Office 365. It integrates seamlessly with your Office 365 environment without requiring any configurations or new mail flow rules. There are two versions of Microsoft Defender for Office 365 available, a starter tier which includes threat protection policies, and an advanced tier which also includes automated investigation and response.
  5. Consider having Compliance Monitoring of your emails – this is normally done per environment and is relatively inexpensive

If you are not sure if you are protected we recommend scheduling a FREE security assessment of your environment.

We have also written a report on the Cyber Security Crisis

Contact us on 281-647-9977 if you have any queries.