Microsoft 365 is one of Microsoft’s fastest-growing solutions for businesses today. It is also one of the best email and team collaboration suites in the market today. Microsoft 365 has some of the best capabilities, and as such, most organizations are moving to it because it improves the internal email and team collaboration experience. However, because it only comes with basic email security, Exchange Online Protection (EOP), Microsoft 365 has also become an attractive target for cybercriminals. For this reason, it is not uncommon for businesses on Microsoft 365 to experience issues such as:
- Spoofing and phishing attacks
- Spam, viruses, and malware
- Email account compromise
- Business email compromise BEC/CEO fraud phishing attacks. For a more detailed discussion on BEC and CEO fraud, please see https://mailsafi.com/blog/what-is-business-email-compromise/
In this article, we discuss:
- What Exchange Online Protection (EOP) is and what level of protection it adds to Exchange Online and Microsoft 365 users.
- The limitations of EOP.
- An alternative add-on for advanced threat protection to your Microsoft 365 environment that addresses the limitations of EOP.
2. What is Exchange Online Protection (EOP)?
- EOP is a cloud-based email filtering service designed to protect organizations from spam and malware.
- EOP is the default spam/malware email filtering service that’s available to you within Microsoft 365.
- It can be licensed separately for use in your on-premise environment (Exchange, Zimbra, IceWarp, etc).
You can find a list of all the features EOP provides here.
Even so, EOP has limited features to offer adequate protection against advanced email-borne threats as shown on the Microsoft site here. Microsoft has its own advanced security solution, Microsoft Defender (formerly ATP); however, Microsoft Defender is only available in Microsoft 365 Business Premium. It is also available in the E5 plan. Microsoft 365 Business Basic, Microsoft 365 Apps for Business and Microsoft 365 Business Standard only come with EOP.
3. Limitations of Exchange Online Protection (EOP)
- First, EOP uses a single-layered approach for filtering out malicious email attachments. For this reason, organizations do not get sufficient protection from malicious email that may slip through the EOP filters.
- Secondly, EOP takes a retrospective approach to identifying phishing and malware attacks. This approach makes it ineffective in safeguarding against new and emerging attacks. It only blocks known virus and malware signatures that are included in its static lists, therefore, it cannot offer protection against zero-day attacks.
- Thirdly, EOP lacks time-of-click protection, i.e., it may not protect your user environment when a user clicks on malicious URLs/links.
- Also, EOP offers no protection against Business Email Compromise (BEC) or impersonation attacks or highly-targeted phishing attacks.
- And finally, EOP lacks AI & Machine learning.
Because of these known limitations, it is recommended that organizations using Microsoft 365 implement a third-party solution to boost the security offered by EOP.
In addition, the Microsoft 365 configuration process requires IT expertise that many businesses lack, and Microsoft fails to provide support with configuration, ongoing system monitoring, maintenance and support required to prevent misconfiguration vulnerabilities and keep customers secure. Experience shows that many Microsoft 365 customers continue to report that Microsoft’s technical support organization is not sufficiently knowledgeable when it comes to security issues.
4. Enhancing EOP with MailSafi Email Security for Office 365
To strengthen EOP and reap the many benefits of Microsoft 365 without compromising on security, you should implement a proactive, multi-layered supplementary email security solution like MailSafi’s Email Security for Microsoft 365.
If you want to reap the benefits of Microsoft 365 without compromising on your online security posture, MailSafi offers a comprehensive solution that provides the additional layers of defenses required by email security best practices.
MailSafi Email Security addresses the gaps of EOP to enhance email security for Microsoft 365 as follows:
- First, it offers both cloud-based and API-based protection.
- Second, it does not just rely on known virus/malware signatures. Instead, it scans all conent in real time using behavioral analysis that uses AI (artificial intelligence) and machine learning techniques to evaluate the content for suspicious activity.
- Third, it checks unknown attachments for malicious content through sandboxing before delivery to the recipient, hence offering protection against zero-day attacks.
- Fourth, it has time of click protection, i.e., when a user clicks on a link in an email, MailSafi uses URL rewriting technology to redirect your link to a site which checks it for malicious content to protect against sophisticated malware attacks, targeted spear phishing and ransomware. It scans links in real time as the user clicks them. If a link is deemed unsafe, the user is informed that the site has been blocked.
- Supports DNS authentication – SPF, DKIM and DMARC identity theft protection.
- Multi-layered defense mechanism – multiple spam and virus engines.
- Uses an intelligent auto-learn system that leverages the vast resources of the open source community to anticipate and
- Protection against ransomware.
- Finally, MailSafi Email Security integrates seamlessly with Microsoft 365. It is easy to set and does not interfere with email flow in any way.
Despite the existing email protection that comes with Microsoft’s Exchange Online Protection (EOP), many Microsoft 365 users continue to experience email data breaches. This is because EOP’s email security falls short in safeguarding users against credential phishing, zero-day attacks, and the other advanced email threats. On its own, EOP lacks the type of proactive, multi-layered third-party protection necessary to make Microsoft 365 email safe for business.
Third-party email security solutions are considered the best add-on for Microsoft Office 365.
When third-party email security solutions are added on, the solution matrix makes Microsoft 365 a more secure email and team collaboration solution.
MailSafi Email Security compliments the cloud-native Microsoft 365 model to preserve the benefits of moving to the cloud. It will integrate seamlessly with your Microsoft 365 architecture and existing EOP to protect your mailboxes against malicious links, zero-day attacks and sophisticated threats such as BEC and ransomware attacks.