As Office 365 is hugely popular worldwide, it makes for a very attractive target for cybercriminals. This shouldn’t be a reason not to subscribe to this cloud-based suite, but it is a good idea to understand where Microsoft has built a good layer of security around its products and where it might be a good idea to strengthen those defences with third-party tools.

Today, we’ll go over IT security threats posed by malicious websites and spam email and how well-equipped Office 365 is to combat them. We’ll also take a look at TitanFiltering, our preferred product for boosting Office 365 security.

What is malware?section_1

One of the most common tools used for cyberattacks is malware. The word “malware” is a portmanteau of the words “malicious” and “software” and it’s just as bad as it sounds. After your device has been infected with malware, it can steal your data, render your device unusable and even spread to other phones, tablets and computers in your network.

There are many different types of malware, all of which wreak havoc in their own way: there’s spyware, which can spy on you in order to steal things like your banking details, ransomware, which locks your important files and demands payment for you to get them back and good old-fashioned computer viruses, just to mention a few.

Malware is spread through infected links and files. These can be found in spam email, malignant websites and pop-ups and even social media and messaging apps. The messages can appear deceivingly genuine: they could look like a notification from your bank, your operating system or even someone you know who you don’t know has been hacked.

What is spam and why it’s so dangeroussection_2

Spam email is a common tool used by cybercriminals to spread malware and viruses. They can also use spam to run phishing schemes like the infamous “Nigerian prince” scam or spear phishing campaigns where the malicious email often looks to be from someone within the victim’s company.

Spam is dangerous because it can be very difficult for even the most IT literate among us to detect malicious emails at times. A good level of cybersecurity awareness can go a long way to protect your employees and your organisation, but it’s not always enough. After all, the differences between malicious and legitimate messages can be minuscule and very hard to spot: it could be a very slight misspelling, an extra subdomain in a URL or a different top-level domain (like .com instead of .co.uk).

How Office 365 filters out spamsection_3

Office 365 offers two levels of protection against spam. Exchange Online Protection (EOP) is an affordable option for protecting your organisation against malicious emails: at only £9 a year, EOP offers good protection against well-known scams that use spam, viruses and malware.

Meanwhile, the slightly pricier Advanced Threat Protection (ATP) is able to protect you against specific types of more advanced attacks. It uses a combination of lists of known offenders and machine learning to provide a higher level of email security and malware blocking. You can also blacklist and whitelist domains as you see fit to filter the messages landing in your staff’s inboxes.

Shortcomings of O365’s email security productssection_4

However, what both of these Microsoft solutions lack is the ability to effectively anticipate new, advanced types of attacks before they take place. The way the ATP and EOP filters work is by reacting to cybersecurity threats retroactively: once a new type of attack or perpetrator has been identified, EOP and ATP can protect you against them very well. However, cybercriminals don’t stay in the same place for long, so blacklisting IP addresses known to be linked to spam is only effective up to a point.

While ATP uses advanced techniques like sandboxing suspicious files and URLs before allowing you to access them, third-party tools like TitanFiltering uses things like Bayesian analysis, machine learning, and heuristics to block zero-day attacks and stop spam before it lands in your inbox. It also provides additional security through other advanced methods like greylisting.

Other ways to strengthen your cybersecuritysection_5

There are two ways to protect yourself from cybersecurity threats posed by malware and phishing: user vigilance and anti-malware products. There are many types of third-party products that can help you provide an extra level of protection for Office 365: strong spam filtering, firewalls and multi-factor authentification are just a few examples. Web content filtering is another tool that could dramatically lower your risk of being infected by malware. Our recommended product for this is TitanFiltering.

What is web content filtering?section_6

As we already mentioned, malware, phishing attacks and viruses are spread not only via infected files found in spam email but also through malicious websites. Internet filtering products block access to potentially harmful web content on your business premises. This could be things like porn, gambling, hateful sites and sites suspected of containing malware.

You can block all sites in a certain category or blacklist and whitelist specific URL’s to create a customised policy.

Internet filtering is an extra level of security that protects you and your company from malignant messages containing malware, but its advantages don’t end there. As you can choose to block websites with potentially upsetting content like porn and hate sites, you can offer greater protection for your staff, clients and the reputation of your organisation.

This is especially important for organisations who deal with children or whose wifi is used by the general public, such as restaurants. The benefits don’t end there: blocking potentially harmful content means you can offer a BYOD policy more confidently and your staff’s productivity could improve as they’re unable to access sites that are counterproductive to their work.

Our recommended product for email security, TitanFiltering, also includes a cloud-based web content filter that can be used to block harmful content across multiple locations. It’s a “set it and forget it” type of product that delivers detailed reports on threats it has blocked.

You can customise your internet usage policy so that you know exactly what type of content is being blocked. You can even create different policies for different locations for the best possible user experience. WebTitan works fast and your wifi users will likely never even notice it.

Is TitanFiltering right for you?section_7

In short, a web content filter is an excellent addition to email security products and other security measures like a strong firewall for any organisation that takes their IT security seriously.

Combining sophisticated email security with customisable web content filtering, TitanFiltering offers strong protection against malware and phishing scams. If you’d like to talk about how TitanFltering could strengthen your organisation’s IT security strategy, get in touch with our experts today.

Make sure to check out our blog for more weekly content on cybersecurity and IT strategy and have a look at our events page for details of how you can meet us in person.