it's secure?

Is Office365 secure enough?

companies

There is an increasing amount of companies moving their corporate e-mail to the Office365 cloud

mailbox

Office365 is a platform for hosted e-mail and collaboration, but not a Cibersecurity Platform

attack

Office365 is a shared platform in the cloud that can be attacked as a whole or some of its services

add ons

There is a great amount of third party add-ons without control, that can put in risk your Office365 environment.

support

Office365 support is very generic, and documentation too extensive

zero-day

Office365's as well as MS-Exchange's default is to accept e-mails to inexistent mailboxes, and this generates waves of bounces with likely zero-day malware

hacker

Office365 is one of the hackers' preferred target to penetrate organizations, specially because it doesn't treat DMARC p=reject correctly and obliges one to write mail flow rules to handle specific cases.

not secure

Office365's default is not PCI-DSS compatible and allows unencrypted traffic

updates

Office365 is a very extensive platform to be up-to-date with deploying security fixes

cloud

The AVAS SEG Leverage

Mailimit
Mailimit

Just to give an example, a phishing attack targeted to a single user, left the Oregon State without e-mail and blacklisted, because the user sent over 8M spam emails https://www.infosecurity-magazine.com/news/oregon-state-employee-falls-for/

Auditlog
Auditlog

Every change in the security settings is stored in the Auditlog, thus facilitating eDiscovery, forensics and as a fundamental tool of Change Management.

Mailaudit
Mailaudit

All the traffic flow is accesible via Web Interface, facilitating e-Discovery. This way any eventual outgoing phishing or spam can be rapidly located if a user was hacked

Private Cloud
Private Cloud

Every Mail-Exchanger and Outbound Relay server in AVAS SEG is dedicated, has dedicated IP addresses and holds the company's own antivirus/antispam rules

Anti-DDo
Anti-DDoS

The AVAS SEG console permits the listing of words, phrases, IP addresses and blocks, whole domains and e-mail addresses to block, to protect you from specific attacks

Anti-spoofing rules
Anti-spoofing rules

Extensive use of Planisys DNS to ensure the right settings of DMARC, SPF and DKIM to protect your brand in the Internet, and give visibility to third parties to reject ilegitimate e-mails claiming to originate in your organization

Verificación de Receptores
Recipient Verification

Allows to stop at the earliest moment all e-mails directed to inexistant mailboxes to avoid generating a wave of dangerous bounces (backscattering)

Tratamiento de falsos positivos
False Positive Treatment

AVAS SEG lets you identify false positives in virus signatures, and also check malicious domains

Log shipping
Log shipping

AVAS SEG provides a log shipping option for feeding SIEMs, typically providing a logstash forward to Splunk or Elasticsearch

Encriptación de transporte
Transport Encryption

AVAS SEG forces the use of TLS to encrypt all emails directed to Office365, and to set PCI-DSS option to encrypt all stages of incoming email

Excepciones a los controles
Exceptions

AVAS SEG permits to declare IP addresses or domains that are poorly configured and are important to keep communication with, to put them into a whitelist

cloud

Conclusion

  • 91% of cyber-attacks start through e-mail, and 93% are targeted to specific people within the organization (spearphishing)

  • Office365 needs a complement to make focus in E-mail Cybersecurity like AVAS SEG

  • it is imperative to better protect the end user in order for him not to receive any phishing e-mails, and in case his workstation or cellphone is compromised, containg the damage

  • AVAS SEG e-mail Security integrates with Office365 through 3 steps Receipient Verification (RV) – Transport Encryption (TLS) y Declaration of Planisys as "partner organization" (Mail flow connector)
it's secure?

Contact Us!

Captcha: captcha
Planisys 2024 © All rights reserved.