Enhancing Microsoft Office 365 Security – What You Need to Know
The attraction of Office 365 is clear. Why set up your own Exchange Server, or manage and maintain Office software, when Microsoft can take care of it all for you?
Consider, however that when you hosted your Microsoft infrastructure in your own datacenter, you supplemented it with security technology from other suppliers to reduce the risks of malware threats and guard against service outages. These risks haven’t disappeared in your new cloud and Office 365 world.
This paper discusses why businesses are making the switch to Office 365 and examines some of the key IT security challenges that arise in doing so. It then looks at the critical security technologies that businesses should have in place alongside their Office 365 deployment.
Adoption Of Microsoft Office 365 Is Growing Fast
Uptake of Office 365 continues at a rapid pace. A recent Gartner report (ref: Implementing Office 365: Gartner Survey Results and Analysis, 2016 Published: 4 May 2016), estimated that 78% of enterprises use, or plan to use Office 365 within the next six months, up 13% from a previous survey taken in 2014.
It’s easy to see why Office 365 is an attractive proposition for businesses of all sizes. It gives them access to the de-facto standard in communication and collaboration tools without any of the up-front or ongoing maintenance costs of managing the hardware and software required to run these services in-house. Deploying Office 365 means no upgrades, new servers, or additional on-site security systems to protect this infrastructure when new cyber-attacks threaten. It’s easy to decrease your usage by turning off redundant accounts or provide staff with new accounts as your business grows.
Effectively, you are outsourcing the responsibility of the maintenance of your Exchange servers and business applications to Microsoft. This, in turn, reduces the workload of your IT staff and frees up time for them to work on other IT projects.
Concerns around Office 365 security remain While Office 365 is a fantastic tool for business productivity and Microsoft provides robust security for customer data held in the cloud, there are many more security factors to consider. In fact Gartner suggests that today 40% of Office 365 users are securing their deployment with third party security solutions to fill the gaps in security. Your users, workstations, servers, and data outside of the e cloud all need additional security. There are a number of areas that need to be considered:
Firewall and Web Security: Office 365 doesn’t provide a secure web gateway to protect and control end user internet access or a firewall to secure the organization perimeter. Email Security and Continuity: Although Microsoft offers add-on subscriptions to deliver Email Security features many customers report issues with spam and malware getting through and as a result prefer to put their security in the hands of security specialists. And recent and fairly frequent Office 365 outages have meant that email continuity services are required, for example Email Spooling and Emergency Inbox for users to access mail when the service is down. Microsoft Exchange Online (included in the E1, E3 and E5 Office 365 plans) doesn’t provide the critical email continuity features you may have deployed on your premises. Next-Gen Endpoint Security: Office 365 doesn’t provide defenses on endpoint devices against dangerous malware threats such as ransomware. These concerns are being felt by organizations out in the real world. Recent Sophos surveys identified ‘system reliability’ and ‘lack of security’ as the biggest concerns for organizations using Office 365 as their email platform.
To View the Whitepaper in Full Click Here