Layer Security to Work Protected on M365

Microsoft 365 dominates the global market for unified communications and collaboration, according to IDC.[1] But that only magnifies its vulnerabilities — as security professionals were reminded this month when M365 email filters malfunctioned, exposing users to increased spam and phishing.[2] 

Mimecast’s just-released State of Email Security 2023 (SOES 2023) report echoes concerns about the M365 platform’s inherent risks in today’s environment of accelerating cyberthreats, and makes an ever-stronger case for businesses to add their own protections on top of Microsoft’s. In the report, the vast majority (94%) of security professionals we surveyed across the world say that additional layers of cybersecurity are required when using platforms such as M365.

Security teams worldwide clearly see this need, even though Microsoft integrates some protection into the Outlook email and Teams collaboration tools on its platform. Experts call for a multilayered, “defense in depth” strategy (described below). This type of approach complements native M365 security with best-of-breed secure email systems to fill gaps and protect against eventualities such as Microsoft outages, their system admins’ missteps, and other potentially harmful incidents.[3]

What’s Heightening Security Professionals’ Concerns About Email

Cyberattackers are well aware that businesses worldwide entrust M365 with their essential communications and collaboration. By its own count, Microsoft blocks over 70 billion cyberthreats a year.[4]

No wonder nearly all security professionals see the need to take extra precautions with M365, according to SOES 2023. The report’s more general findings about email over the past year include:

• Greater Reliance on Email: 82% of security professionals have seen their company’s use of email continue to grow.
• More Email Threats: 74% experienced an increase in the number of attempted email attacks on their company during the year.
• Email Outages: 76% suffered email outages of some kind, with 17% reporting severe damage inflicted on their business. 
• Outlook for 2023: 76% believe their company is likely to suffer a negative business impact from an email-borne attack in 2023 — including 37% who consider it extremely likely or inevitable. 

Collaboration Tools Raise New Security Concerns

The fact that using collaboration platforms like Teams is the norm in today’s hybrid workplace has only elevated businesses’ risk. In SOES 2023, the general findings on collaboration platforms include:

• Greater Use of Collaboration Platforms: 90% of security professionals say collaboration platforms are now essential to their company’s day-to-day operations.
• More Threats to Collaborative Work: 38% have had to fend off an increased number of attacks on these platforms.
• Outlook for 2023: 72% believe it is likely that their company will suffer a negative business impact from an attack linked to a collaboration tool in the coming year.

Security professionals are also taking a guarded approach to the native security features in collaboration tools, with over six in 10 saying they’re insufficient to meet their needs. According to IDC, this is the right approach to any cloud-based, software-as-a-service (SaaS) offering. “Growing enterprise reliance on application suites such as Microsoft 365, Salesforce, and Google Workspace means that all organizations should have a data protection and recovery plan that goes above and beyond the baseline protection offered natively by a SaaS application provider,” says the market research firm.

Securing the growing data archives associated with collaboration platforms adds another level of concern to be addressed. According to Osterman Research, “While Microsoft offers some native capabilities for archiving and data protection for Teams, third-party archiving and data protection solutions offer a range of elevated capabilities that enable firms to fully satisfy the compliance and privacy regulations to which modern organizations find themselves subject.”[5]

Multilayered, Defense-in-Depth Approach

Defense in depth is a multilayered approach used in conjunction with native M365 security features to provide a much greater degree of protection. The theory is that if one security control fails to block a breach, others are in place to catch it. A defense-in-depth approach includes:

• Network Security Controls: to restrict data and network access.
• Anti-malware Programs: to detect and block viruses and other malevolent software.
• Data Integrity Testing: for identifying inconsistencies in data files.
• Behavioral Analysis: for recognizing abnormal user activity.

The Bottom Line

As of this writing, Microsoft fixed its faulty email filtering.[6] But there’s always a next time. Security professionals are well aware of this, with “Patch Tuesday” firmly established in their calendars as the day the company pushes security fixes and other software patches.[7] Indeed, 94% of them told us that M365 security features need to be augmented for better email security. Best practice calls for a multilayered, defense-in-depth approach to protecting your company’s essential communications and collaboration. 

Read the full State of Email Security 2023 report. 

Source: Microsoft

[1] “Worldwide Unified Communications & Collaboration Market Maintains Positive Growth in Q2 2022,” IDC

[2] “Microsoft’s Outlook Spam Email Filters Are Broken for Many Right Now,” The Verge

[3] “Latest Microsoft Teams News,” Bleeping Computer

[4] “Microsoft Digital Defense Report 2022,” Microsoft

[5] “Archiving and Data Protection with Microsoft Teams,” Osterman Research

[6] “We’re All Good!”, Microsoft

[7] “Patch Tuesday: Microsoft Warns of Exploited Windows Zero-Days,” SecurityWeek