Smart companies use phishing prevention technology to protect their employees and organization from phishing attacks. And whether they use their own, on-premises email server, or opt for a cloud-based email provider, companies have some important security decisions to make.
One of the most popular email service providers is Microsoft with their Office 365 product. Office 365 is a cloud-based subscription service offered by Microsoft to replicate their Office product line, including Outlook, their email service.
When it comes to protecting their Office 365 email users, Microsoft offers something called Advanced Threat Protection or ATP, which of course requires a separate monthly service charge. According to Ironscales, “Currently Office 365 offers no phishing protection without Advanced Threat Protection (ATP).” So, if you want phishing protection, you have to purchase ATP, at least that’s what Microsoft hopes.
If you use Office 365 for your mail service and you want to protect your company from phishing attacks, the obvious question to ask is, is ATP any good? Or, since you have to pay for it separately, is there something out there that might be even better than ATP? Something you could use in its place?
These are important questions because, due to its popularity, Office 365 is the most targeted email platform there is. And unfortunately, attacks against Office 365 are often extremely effective. There are a few reasons for this. The first one is fake, non-delivery emails. In this circumstance, the email masquerades as Microsoft. This fake, non-delivery email from “Microsoft” looks harmless, so users don’t think twice about clicking on “send again.”
Another reason attacks against Office 365 email are effective is because, frankly, ATP isn’t particularly good when it comes to stopping advanced phishing attacks. It will probably block an email if the attachment is suspicious or the embedded link matches ones known to be from a malicious site. Other than that, it doesn’t do much.
Other limitations of ATP include the following:
- Questionable effectiveness against business email compromise (BEC)
- No clear indicators of post-delivery incidents
- No real-time threat intelligence
- Limited end-user controls
The market understands these limitations. “According to figures from Gartner, in order to bolster protection, an estimated 40% of Microsoft Office 365 deployments will incorporate third-party tools by the end of 2018 with the figure predicted to rise to half of all deployments by 2020.”
Our advanced threat defense service offers protection from phishing attacks. It works with all SMTP-based email services, including Office 365. But, unlike Office 365’s ATP, ATD comes with a complete menu of advanced phishing protection technologies. These include:
- Prevention against zero day attacks
- Real-time link click protection
- Smart Quarantine
- Domain name spoofing
- Display name spoofing
- Malicious attachment blocking
- SPF (Sender Policy Framework)
- DKIM (DomainKeys Identified Mail)
- DMARC (Domain-based Message Authentication, Reporting and Conformance)
- ARC (Authenticated Received Chain)
- BIMI (Brand Indicators for Message Identification)
You can quickly see that not all advanced email security services are created equal.
If you need to protect your Office 365 email from phishing attacks, and you want a solution that does more than Microsoft’s ATP while costing less, check out Advanced Threat Defense service. It’s quick to set up, comes with no contracts and has a 30 day money back guarantee.