Although no modern business can function without email, the sheer popularity of the medium also makes it one of the most vulnerable. In fact, more than half of all emails sent are spam, and over 92% of malware is delivered through email. In business environments, a consumer-grade spam filter simply isn’t enough to safeguard corporate communications.
For more effective protection, firms can turn to Microsoft’s Advanced Threat Protection (ATP). ATP is a cloud-based email filtering service provided as part of most Office 365 subscriptions, including Exchange Online Plans, Business Essentials, and Premium. It’s constantly maintained and automatically updated to provide protection against zero-day threats, harmful links and attachments, and social engineering scams. Here are five ways it protects your organization:
#1. Safe Attachments
Malicious software often arrives in the form of an email attachment. Sometimes, emails containing such attachments might come from an apparently legitimate source or from a compromised account belonging to someone the recipient recognizes. Malicious attachments may be executable files or something more innocuous-looking, such as a Microsoft Word document containing an inimical macro. The Safe Attachment feature automatically tests every incoming attachment in a self-contained virtualized environment to see how it behaves. If the feature detects any suspicious activity, the attachment will be deleted, and the email will be flagged as potentially malicious.
#2. Safe Links
The overwhelming majority of malware never gets past scanners and spam filters. Knowing this, cybercriminals often prefer to use less suspicious methods. Most people don’t give a second thought to clicking on a link in an email (unless it’s overtly suspicious). The problem is that many links lead to malicious websites designed to capture private information, such as login details for legitimate online accounts.
In the same way it tests every incoming attachment, ATP actually visits every link in an email to determine whether or not it’s safe. If the linked website cannot be verified as legitimate, the URL will be blocked, and users will be presented with a warning page.
#3. Spoof Intelligence
Most cybercriminals choose to exploit human ignorance rather than technology vulnerabilities themselves. A common method is to impersonate a representative of a legitimate company or even someone the would-be victim knows personally. Unsurprisingly, the personalized nature of these attacks can make them very hard to distinguish at a glance.
To address this, administrators can use ATP’s spoof intelligence to set up filters that detect potential policy violations while reducing the number of false positives. It also automatically verifies email domains to ensure that senders are who they claim to be and are not using techniques to hide their real addresses. Furthermore, extensive customization options make it easier for administrators to integrate their existing email policies into the system.
Most data breaches start with a phishing scam whereby a cybercriminal successfully dupes a victim into surrendering confidential information such as login credentials or payment details. Solutions like malware scanners are completely ineffective against such attacks, which is why companies are starting to implement machine learning technologies to automatically identify potential phishing scams, including targeted ones. The anti-phishing capability of ATP uses machine learning to decide if emails are malicious or not and provides clear warnings if it detects something that looks suspicious.
#5. SharePoint, OneDrive, and Teams Integration
As the industry standard in workplace productivity, ATP works across the entire Office 365 environment to provide protection for Microsoft Teams, OneDrive, and SharePoint in addition to your emails. ATP scans every file as soon as it attempts to enter any of these systems, so it’s triggered by events like file sharing and uploads. Potentially suspicious files are placed in a quarantine folder where they cannot be downloaded until a member of your security team has evaluated them and determined whether or not it’s a false positive.
Edward Technology provides IT support and security that transform business IT networks into secure cloud-hosted infrastructures. To learn more about how Advanced Threat Protection can protect you, contact us today to schedule your first assessment.