Email is a prime target for cyber attackers looking to gain access to your organisation.
It’s no surprise. Email is so critical to day-to-day business.
With increasingly sophisticated malware campaigns being launched daily and data breaches constantly on the rise, how can you be sure your email environment isn’t exposed? With Defender for Office 365, Microsoft answers your call.
You may or may not be aware, but Microsoft is now a giant in the security industry, posting over $10bn in revenue in 2020 attributed to security products, including Microsoft Defender.
This uniquely strong position gives Microsoft access to a huge array of telemetry data (actually 8 trillion security signals per day!) that can be analysed in order to spot threats and alert its clients. In 2020 alone, Microsoft blocked over 30bn email threats.
Microsoft Defender for Office 365 forms a key part of this holistic security suite, helping protect an organisation and employees from advanced, targeted and zero-day phishing, malware and business email compromise attacks.
Microsoft Defender for Office 365 is an enhancement to the standard email filtering and security that comes with Office 365. It gives much greater protection against malicious attacks and the latest threats that can be delivered via email, links (URLs) or collaboration tools, including:
Most businesses will use their mailboxes as a way to allow employees, and sometimes external parties, to share files with each other as attachments. It’s crucial to the effective and efficient running of an organisation that employees can access and use email services freely and easily; but, with malware being as common and sophisticated as it is these days, mailboxes also exist as potential surfaces for a malicious cyber attack.
Microsoft Defender for Office 365 helps resolve this problem by means of a feature called Safe Attachments, which opens any document attached to an email in a cordoned-off virtual environment, in which it then analyses the file for suspicious properties. If deemed unsafe or malicious, attached files are moved out of your inbox and into a ‘detonation chamber’.
“How does Defender for O365 know if an attachment is malicious?”
This means it takes the suspicious attachment and places it in a virtual environment that’s extremely sensitive to any change detected within it. Here, it executes the attachment safely and without risk, and monitors exactly what it does once executed.
You might be wondering – how does Defender for O365 know if an attachment is malicious? Well, there are certain common behaviours that pieces of malware will likely do in pursuit of access to your organisation. This might be establishing a command-and-control communication channel through which to harvest and store desired information, or creating persistence on a user’s machine; there are a range of expected suspicious activities, and Microsoft Defender is wise to them all.
If there’s anything about files that are sent to your mailbox that is detected as malicious, the attachment isn’t presented to the user. You’re left with a clean inbox, and options for further responsive action.
Learn about the key features of Microsoft's new holistic solution for extended detection and response (XDR) – and see it in action! We'll show you:
In addition to attached files, Defender for O365 also monitors links or URLs that are included in or attached to an email, using a component called Safe Links. Expanding on the content-scanning capabilities of Online Protection, Safe Links protects your email environment with immediate effect when links are clicked on by users.
While the content to which the monitored link directs is being scanned, the URL under scrutiny is rewritten so that it goes through Office 365. The URLs are examined in real time, at the exact time a user clicks them, meaning no time or productivity has to be lost in order to ensure protection. If a link is deemed to be unsafe within Microsoft Defender, the user receives a warning not to visit the site, or a notification that the site has been blocked.
This feature also offers extensive reporting capability, meaning you can easily and comprehensively understand what’s happening in your organisation and who’s been receiving malware. You’re given full visibility. It’s an incredibly powerful feature, and one we can expect to continue evolving and adapting on an almost weekly basis.
So, what happens with the security findings Defender for Office 365 makes when it’s performing all these checks and scans? In order to give admins visibility into each potentially dangerous click within the company, the details that Defender uncovers are aggregated into rich reports.
This means you’ll have critical insights into who within your organisation is being maliciously targeted, as well as the category of the attacks you’re up against. Messages that get blocked and individual malicious links contained within them are all traceable once detonated for safety, meaning that – as well as protecting your email environment for you in the immediate instance – Defender for Office 365 also arms you with the information needed to carry out your own responses thereafter.
Today’s malware-laden climate might very well present you with a daunting prospect: whether you shut your mailbox down or open it up to a breach, you risk a disastrous stop to productivity and, potentially, further damaging losses beyond that. The easiest way to ensure this doesn’t happen to your organisation? Microsoft Defender for Office 365.
Harness the power to properly safeguard your mailbox, or risk falling victim to malicious activity beyond your control.
Next, watch our Threat Protection Tools webinar on-demand to discover how the three Microsoft Defender technologies work together to keep your organisation safe.
Or download ‘The business case for cyber security’ e-Guide for best practice on how to take a proactive and pre-emptive approach to tackling the issue.
We'd love to hear from you! Our friendly team can be reached Monday through Friday, from 9am to 5pm.Contact Us
Eight-time winner of the Microsoft Partner of the Year Award for Identity Management, Enterprise Mobility, and Security and Compliance.
You are seeing this because you are using a browser that is not supported. The ThirdSpace website is built using modern technology and standards. We recommend upgrading your browser with one of the following to properly view our website:Windows
Please note that this is not an exhaustive list of browsers. We also do not intend to recommend a particular manufacturer's browser over another's; only to suggest upgrading to a browser version that is compliant with current standards to give you the best and most secure browsing experience.