Microsoft 365 security: world-class, but not foolproof

SMX SMX 365 To SEG Blog 20 04 2023

Microsoft 365 security: world-class, but not foolproof

You need the right email gateway

If you’re thinking about cybersecurity, you need to look at the security of your organisation’s emails. That’s because 90% of successful cyberattacks begin with an email

That’s actually good news – if you get your emails locked down, you can dramatically improve the security posture of your whole organisation. However, too many companies think they’re more protected than they are, especially if they’re relying on Microsoft 365’s security, which is great, but not perfect.  If they’ve added an email gateway it might be making things even worse.

Microsoft 365 security alone won’t cover you

Exchange Online Protection (EOP), Microsoft’s native email security filter, is world-class and ever-improving, but it still leaves your company open to risk.

Weak against local and super-targeted threats

EOP is great at blocking known threats, and the biggest international attacks are regularly fed into the system. However, Australia and New Zealand are often the testing grounds for new attacks, deployed at a small scale before being rolled out globally. According to a new report from IBM, 31% of all incidents monitored in 2022 originated in the APAC region. To EOP, these are novel and can easily side-step its filters.

Microsoft 365 is the number one target

Australasia has one of the highest global market penetration of Microsoft 365 deployments. And that success has made it a target – the platform’s scale means bad actors can develop a single attack strategy with millions of potential targets.

You could be missing out on Microsoft Security entirely

Microsoft has pledged to spend $20 billion over five years on cybersecurity – four times what they had been spending. That’s a huge investment, implemented by some of the world’s best teams, but with most gateways, you don’t benefit from it. That’s because they work by disabling and replacing Microsoft 365’s security defences. SMX 365 is a rare exception.

Adding to Microsoft security, not disabling it

SMX 365 is designed to complement Microsoft 365, rather than disabling and bypassing certain E3 and E5 controls. It amplifies and extends the capabilities of Exchange Online Protection and Microsoft Defender them to give you complete protection – all managed from one dashboard. And then there’s the data – from about a third of New Zealand’s mailboxes and Cert NZ feeds, layering on the protections against novel attacks as they come up.

Layers of protection

SMX 365 is continually updated, with each layer of protection adding to your defences. For example, where Microsoft security has gaps around phishing, SMX 365 steps in with heuristic rules and AI and machine learning (ML) models trained on 1.8 billion mailboxes. Computer vision can also spot subtle image and logo alterations. Predictive blocking analyses 50 million+ URLs in real-time to identify redirection patterns, while fingerprinting and signature-based scanning identify and block bulk spam attacks.

Emails still get through

A locked-down email system doesn’t mean your deliverability will suffer. A unique, highly-tuned classification engine looks at security signals to minimise false positives – those business-critical emails will still reach the right inboxes.

Microsoft security is good, but not good enough

If you’re hosting emails in the cloud and relying on Microsoft security alone, or have added a sub-par email gateway, you’re likely leaving your organisation open to more risk than necessary.

Add SMX 365 and it’s another story. It’s designed for and continually updated to suit a modern threat environment – and fed with regional intel on the latest attacks.

Switching is simple and instantly gives you and your entire organisation better protection against more kinds of cyber threats.

To learn more about the low-touch process of migrating to SMX 365, get in touch.

Upgrade to SMX 365