Cybercriminals go after businesses in the cloud:
The most common cloud software powering businesses today is Microsoft 365. Over 200 million were using 365 in Q1 of the 2020. As the number of businesses relying on Microsoft 365 grows, it is important to keep in mind that it is not just employees who need protection, but also IT administrators who need the right tools to secure assets hosted in Microsoft 365, especially considering criminals have a particular interest in targeting IT admins, as they have high levels of access that, if compromised allow an attacker to deliver malware and ransomware to other devices in a network or just steal data. Fake emails warning about expired Microsoft 365 licences and “unauthorised access” to Microsoft 365 email accounts were being sent to IT administrators to trick them into clicking links, redirecting them to fake Microsoft 365 login pages asking for their admin credentials. Clever, and very dangerous.
Microsoft 365 emails number in the billions, likewise phishing emails come in vast numbers:
Of more than 470 billion Microsoft 365 emails sent every month, nearly 1% are phishing emails. To add more meat to these numbers, 0.8% of 470 billion emails represents around 3.6 billion phishing emails, an absolutely vast number, all just a click away from disaster. This is where ESET Cloud Office Security (ECOS) enables businesses to protect themselves and employees from dangerous emails. ECOS adds a crucial layer of security on top of the built-in protection in Microsoft 365 by taking advantage of ESET’s award-winning engine, the same as used in ESET Mail Security, to scan all incoming and outgoing emails and attachments in Exchange Online for spam, phishing and malware.
ECOS quarantines suspicious emails and automatically triggers an email notification to allow immediate remediation steps. This includes the possibility to look at further details about the quarantined emails and either delete or release them. Admins can also set up ECOS to automatically delete or move detected items to the junk or trash folders. In addition, ESET Cloud Office Security integrates with OneDrive to scan all files for malware. This greatly helps businesses to lock down malware before it can spread in their environments and disrupt business continuity. Administrators can access the ECOS dashboard remotely through any major browser. The dashboard provides a range of views and capabilities useful for admins including:
- Detection statistics
The ECOS dashboard provides an overview of users that have received the most spam, malicious and phishing emails, the top suspicious OneDrive accounts, and dedicated views for Exchange Online and OneDrive detections. If an admin needs to see at what times malware, spam and phishing detections are peaking, ECOS also provides hour-by-hour traffic numbers.
- Detection filtering and identification
Checking your environment for indicators of compromise (IOCs) is a quick way of identifying the presence of attackers in your network. Common places to gather IOCs are in news reports and threat intelligence data feeds. With ECOS, admins can take the hashes of recently discovered malicious files and run a search in their Microsoft 365 environment for any matches. Detection filtering in ECOS can be done not only based on hashes, but also on tenant, action taken, subject, sender, recipient, name of user, scan result, detection name, owner name and owner object.
If no detections are found after deploying ECOS, does this mean that ECOS is not protecting users? No. By checking the logs, admins can see that while ECOS is scanning emails and files, all items so far are free from malware, phishing and scams.
- Custom protection settings
It is likely that certain groups of users in your Microsoft 365 environment will need the flexibility offered by tailor-fit protection settings. For example, a competitive intelligence team would be better served with looser anti-spam settings to ensure that all marketing communications from competitors are received. For other teams, however, spam is likely to be a problem that can distract employees. With ECOS’s anti-spam settings turned on, inbox junk is eliminated and employees can focus better on important tasks. Via a policy-based model, ECOS can apply custom settings per organisational unit and per user.
- Automatic protection
A common admin task is new user enrolment. In ECOS, admins can automatically assign a licence to a new user and enable protection via a group policy. In other words, automation of new user mailbox protection saves time and eases management for admins.
Get a free trial of ESET Cloud Office Security by contacting Pink Connect at firstname.lastname@example.org or by calling one of our Security Experts on 0345 450 9393.