Bolstering Office 365 Mail Security
Like many security-conscious companies today, this Mid-Atlantic-based consulting firm agreed to share its experience in securing Office 365 under terms of total anonymity. The name of the individual cited within has been changed for this article and this document was reviewed and approved by the firm prior to publication.
With a rich history, this firm provides market research and consulting for some of the largest companies in the U.S. The company relies heaviliy on market data and advanced methods of analysis to advise its clients on highly strategic marketplace decisions.
The company’s chief security architect, whom we’ll call “Jim,” was all too familiar with the risks and vulnerabilities inherent with Microsoft Office 365. “Although we don’t have financial information or HIPAA-regulated data to worry about, it certainly wouldn’t be good if any of our intellectual property got leaked out and exposed in any way,” Jim noted. “I used to think we would be an obscure target, but now it’s pretty clear that no one is beyond the reach of today’s hackers.”
“Prior to Avanan, our CFO was getting spear-phishing attacks on a weekly basis.”
Jim’s primary concern with Office 365 was mail protection since the company migrated from Exchange in 2016. “Our CFO was getting spear-phishing attacks on a weekly basis,” Jim reflected. “If you’re depending on the Microsoft security stack to protect you, you’re in a battle with someone who has more patience to find out what you’re more vulnerable to,” he continued. “You need additional layers of security to insulate you against those bad actors. If you have something worth protecting, someone is going to try to get to it.”
Jim implemented the Avanan Cloud Security Platform to unlevel the playing field with hackers. “Microsoft does a good job with security and spam, but as more and more businesses use Office 365’s default security stack, we’re all increasingly vulnerable to someone who takes the time to hack that layer. Avanan offers an additional layer of security that will help our firm stay safe,” Jim pointed out. Jim’s stack on the Avanan platform initially included:
- Check Point Threat Emulation
- Check Point Antivirus
- Solgate Email Protection
- Avanan Smart Phish filter
“I really like that Avanan allows these checks to happen in parallel – I don’t have to wait for Check Point Antivirus to finish before the next product does its checks, as these happen all at the same time, which means it’s very fast, and it’s all completely seamless to users, with absolutely no latency,” Jim reflected.
Jim no longer worries about spear-phishing attacks targeting his CFO. “I was really happy to see Avanan start blocking these things,” he noted. “One attack got past Office 365’s junk folder, and it certainly would have gone straight to the user’s inbox, but Avanan said, ‘Nope!’ That made me really pleased.”
“I was thrilled when I found out that Avanan was affordable and easy to set up and use. I also like that it’s been fairly invisible to my users. It’s been no hassle for them at all and has had absolutely no interference to their work whatsoever,” said Jim.
“I definitely got what I was promised. I have a security stack matrix that lets me turn on levels of protections for services that would otherwise be naked and exposed. It’s utility priced so you only pay for what you consume.”
In closing, Jim remarked, “It's like life insurance – it just makes me feel good to know it’s there to keep me safe from whatever lies ahead.”