Office 365

Office 365 has become integral to an increasing number of enterprises, but many are still wary of the cloud service, particularly when it comes to security. Some of these fears are warranted, but by combining Office 365 with best of breed security solutions much of their concerns can be alleviated.

Leptop office smartphone

Email is a business-critical service for the vast majority of organizations.

Despite years of claims that it will be replaced by other tools, it doesn’t appear to be going anywhere fast. In fact, it’s estimated that, by 2020, the number of email users in the U.S will reach 250 million. What is changing is how we facilitate email. As with many other business services, it’s increasingly moving to the cloud and Microsoft Office 365 has swiftly become the de facto provider for an increasing number of organizations. In fact, Office 365 commercial monthly active users reached 120 million in October 2017. According to Microsoft itself, it expects 70 percent of customers to be using Exchange Online in Office 365 instead of Microsoft Exchange on premises within the next year. But there are still those holding out, with 32 percent of respondents to a recent survey claiming that email security concerns are stopping them from moving their email to the cloud.

Microsoft does offer two levels of Office 365 email security to customers – Exchange Online Protection (EOP) and Advanced Threat Protection (ATP). Neither offers true enterprise class – or best-of-breed security – and many organizations choose third-party security solutions that are complementary and can enhance the security of the Microsoft platform – an approach advocated by analyst firm Gartner.

While Office 365 email security tools provide a level of security from email-based attacks, even Advanced Threat Protection (ATP) does not include ultra-modern, multi-layered security that is common in third-party email security solutions. Microsoft’s Office 365 email security capabilities are powerful against traditional spam but less effective against the modern, highly-targeted email threats, such as CEO fraud. There’s also the issue of service uptime and availability, which is a major concern for organizations adopting Exchange Online. Searching ‘Office 365 down’ on Twitter, quickly reveals that uptime isn’t always a strength of the service. Given how critical email is for employee productivity, any risk of downtime is a mark against Exchange Online.

Email Archiving

The final hurdle for a lot of businesses is archiving. Organizations, especially those working in regulated industries, need to ensure that they comply with legislative and regulatory requirements. While Office 365 protection does have email archiving, it is not a best-in-breed product or fully compliant, and many businesses will require or desire additional features such as tamper-proof storage and functionality to quickly respond to e-discovery requests or warrants.

None of these issues mean that organizations should abandon Office 365. Instead, they simply need to be aware of Office 365 cloud security limitations and deploy best-of-breed security solutions alongside it. For example, an additional email continuity solution will provide users with an ‘emergency inbox’, usually via a web portal that contains access to inbox and sent items from the last 7-30 days, meaning that if the primary email provider (or server) fails, users can still read and respond to email until service is restored. This provides a level of reassurance for companies, particularly when moving email off premises.

Censornet Email Security

Email Security

Secure your entire organization from known, unknown and emerging threats - including email fraud.

Discover more

Cloud-based software can be used productively and safely for business. However, companies should not settle for the standard tools, but instead seek out advanced solutions to ensure the safety of their data and integrity of their compliance programs.

Office365 Insights


Why is Office 365 email a security risk?

When it comes to digital transformation, moving to the cloud is key. According to Forbes, 83% of enterprise workloads will be ...

Read More_
Coffee cup

Coffee breaks for all as Office365 goes down

Office 365 has gone down, again. Being a Microsoft customer must sometimes be like Groundhog Day. This time, the suite ...

Read More_
Red sweets

When the suite is not so sweet

In a world where the majority of data breaches start with weak or stolen credentials, many businesses have added an ...

Read More_
Laptop email

How Business Email Compromise continues to wreak havoc in the boardroom

So, let’s kick off with the blindingly obvious, Business Email Compromise or CEO Fraud isn’t new. I didn’t wake up ...

Read More_

Want to discuss your specific security requirements?

Get in touch for an informal conversation

Not ready to renew yet?

If you're interested in Censornet security services but your existing service not ready to renew, give us a few details and we'll be in touch nearer the time.