Email Security Blog

Microsoft Office 365 + Secure Email Cloud: All You Need in a Cloud-First World

Doug Jones November 4, 2019 Email Security

You’ve heard the statistics… more than 70% of all business users will be provisioned with cloud office applications in the next two years, including email. It’s an overdue modernization that eliminates physical infrastructure to drive cost savings and integrate services for improved productivity

Chasing this move, cybercriminals intent on account takeover are evolving their tactics, targeting end users with various identity-deception scams. Their evolving tactics and your defenses against them deserve a closer look.

Email remains the number one threat vector for data breach. And Microsoft itself is the number one abused brand when it comes to impersonation email attacks.

Common spoofing tactics include malicious emails disguised as a Microsoft Office 365 password update and an invitation to edit a OneDrive document linking to a spear phishing page. O365 customers can add Microsoft Advanced Threat Protection to help identify malicious links, but cybercriminals are getting crafty and can weaponize those links after the email is delivered.

So on the one hand, implementing Office 365 can drive triple digit ROI. On the other, business email compromise and spear phishing can wipe out the most robust ROI with just one successful attack that results in an account takeover, unauthorized transfer of cash, or loss of intellectual property or sensitive information.

From Legacy SEG to Microsoft Office

Particularly with the addition of Microsoft Exchange Online Protection (EOP) and Advanced Threat Protection (ATP), Microsoft Office 365 is better protected than any platform that came before it.

Key capabilities such as anti-spam, virus/malware detection, data loss prevention and the afore-mentioned URL and attachment analysis traditionally found in the secure email gateway have been integrated as native capabilities in the platform. A recent Gartner report actually scored Microsoft higher than all the major secure email gateways for anti-malware and anti-spam features.

With basic email security covered by Microsoft Office 365, many organizations have eliminated their secure email gateway. Meanwhile, attack sophistication has evolved from content-based techniques such as malware and unsafe URLs, to crimes of identity deception that signature-based controls are ill-equipped to address.

With basic email security covered by Microsoft Office 365, many organizations have eliminated their secure email gateway. Meanwhile, attack sophistication has evolved from content-based techniques such as malware and unsafe URLs, to crimes of identity deception that signature-based controls are ill-equipped to address.

Enter the Secure Email Cloud

Advanced email attacks can appear as plain text messages targeting basic human emotions such as fear, anxiety, and curiosity. These socially-engineered attacks trick unsuspecting users into believing they are interacting with a legitimate person or service, when if fact they are being conned.

Agari delivers important capabilities to protect against identity-deception attacks, secure the corporate email sending domain, and detect and respond to threats that have either evaded initial detection or have weaponized post delivery. These capabilities support cloud-based, on-premises, and hybrid email environments.

This is why enterprises who have adopted Microsoft Office 365 EOP / APD are choosing to pair that investment with the Secure Email Cloud. In fact, over 2/3rds of Agari customers with Microsoft Office 365 do not use a secure email gateway.

The Secure Email Cloud differs in several remarkable ways from legacy security controls, especially when paired with the built-in controls of Microsoft Office 365. Let’s peel back the layers.

Continuous Protection vs. Event-Based Detection

Through the power of predictive AI and advanced machine learning, the Secure Email Cloud fundamentally transforms email security from event-based inspection of incoming messages to continuous detection and response of newly discovered threats. This includes new messages as well as those that have already reached the inbox.

This approach stops advanced email attacks including those that organizations have not seen before, and can delete messages from Microsoft Office 365 inboxes that weaponize after initial security screening. Here’s how it works.

Agari uses what we call the Agari Identity Graph™ to map trust and authenticity relationships between individuals, brands, businesses, services, and domains. We even model organizations within businesses and geographic relationships. The Identity Graph is informed by telematics from around 2T emails annually. It models and scores emails and sending behaviors to the level of around 300 million model updates each day.

The novelty in this approach is that rather than detecting known signatures of malicious email or using static lists of trusted senders or domains, Agari dynamically models the good to detect the bad. Based on mathematical divergence in the scoring from known good emails, Agari applies human-like intelligence and decision making based on tailorable policies to detect and respond to malicious messages.

Agari also automates the processes involved in Domain-based Messaging, Authentication, Reporting, and Compliance (DMARC), making it easy to authenticate messaging and reach enforcement. This prevents cybercriminals from impersonating the brand via email and the associated BEC attacks targeting employees (e.g., executive spoofing) and customers (e.g., customer phishing and fake invoicing).

The Benefit of Integrating Microsoft Office 365 with the Secure Email Cloud

Agari’s next-generation Secure Email Cloud has distinct advantages for Microsoft Office 365 deployments. It’s a cloud-native offering that augments the native security controls found in Microsoft APD / EOP, and can remove messages from Microsoft Office 365 inboxes that have already passed initial security screening.

That is part of the reason why leading organizations including Honeywell, JPMorgan Chase, Aetna, Apple, Facebook, the United States Senate, Comcast, Air Canada, Apria Healthcare, and even Microsoft choose Agari to protect against advanced email attacks.

To learn more about the next-generation approach for email security, check out the Agari + Microsoft Office 365 white paper

Leave a Reply

Your email will not be published. All fields are required.

Agari Blog Image

May 12, 2020 Chuck Holland

Hosted DMARC: Accelerating Protection Against Email-based Brand Jacking Scams

The coronavirus pandemic is shining a spotlight on the importance of hosted Domain-based Message Authentication,…

Agari Blog Image

March 17, 2020 Armen Najarian

Phishing & Business Email Compromise (BEC): How Law Firms Can Protect Against Email Scams

The legal sector is learning some painful lessons about the growing threat phishing and business…

Agari Blog Image

December 17, 2019 Armen Najarian

Email Security Predictions 2020

Spoiler alert: When it comes to email security and the fight against business email compromise…

Agari Blog Image

November 19, 2019 Suela Vahdat

BEC Attacks on the Rise in Europe: 2019 Email Threat Survey

Business email compromise (BEC) scams, phishing campaigns, and other targeted email attacks happen all over…

Agari Blog Image

November 1, 2019 Ramon Peypoch

Why I Joined Agari: First Impressions, Fast Growth, and the Fight for Email Security

Think back to the offer letter you received for your current position. More likely than…

mobile image