Microsoft made a major strategic shift towards the cloud a few years ago that is certainly paying off. Driven by a surge in Exchange users migrating off in-house email servers, online productivity suite Microsoft Office 365 is taking Google and others on at their own game – and in many cases, winning.
But while Microsoft Office 365 contains built-in security features, many organizations are looking to enhance risk mitigation efforts by applying additional content security controls to the platform. In light of the growing trend towards covert, targeted attacks, this is a sensible strategy – and it’s why Trend Micro will be showcasing new technologies at Microsoft Ignite this week.
The targeted attack epidemic
Targeted attacks and APTs represent one of the biggest threats to corporate data in decades. Designed specifically to bypass existing defenses, exploit vulnerabilities and other security gaps in enterprise systems and remain hidden from traditional scanning software, they’re difficult to spot and even harder to stop. Targeted attacks typically start with a spearphishing email containing a malicious link or attachment – specially crafted to trick the user into clicking on or opening it. Doing so will begin a malware download in the background – enabling the attackers to gain network access and eventually to navigate to your organization’s most prized assets: its data.
Office 365 is a fantastic productivity platform allowing instant access to a range of hosted services wherever you are. These include Exchange, Lync, SharePoint and Office Web Apps – the latter featuring Word, PowerPoint, OneNote, Outlook, Excel and cloud sync and share service OneDrive. But the multiplicity of services also means an increased number of entry points for attackers. Aside from email, they can also get in via SharePoint and OneDrive. And OneDrive for Business is specifically designed to make file-sharing incredibly easy for users – replacing the email attachment with a simple link.
It’s no surprise that, according to Verizon’s latest Data Breach Investigations Report (DBIR), 70-90 percent of attacks spread from Victim 0 to Victim 1 in less than a day, and 40 percent in less than an hour. This understandably concerns many Office 365 users.
While Microsoft includes excellent security for the data centers where Office 365 is hosted, IT managers want more security applied to content flowing through their online productivity platform. The truth is that nearly two-thirds (64 percent) of targeted attacks in 2014 used malware hidden in attachments such as Word, Excel and PowerPoint files. What’s more, such is the volume of malware around today, that 70-90 percent of malware samples are unique to an organization. IT Security wants to bolster their protection without impacting the user experience and productivity gains of Office 365.
Help at Hand
Thankfully, there are tools and technologies which organizations can invest in to enhance the existing Office 365 content security controls. Trend Micro has developed two in particular that can help boost email and file-sharing security within the platform:
Document exploit detection – inspects the components of Office files to look at attempts to exploit known and unknown vulnerabilities in Office applications. It’s effective at discovering malware hidden in office files as was used by criminals in two-thirds of targeted attacks in 2014.
Sandbox malware analysis – unlike static pattern file techniques, sandbox technology looks dynamically at suspect files to observe their behavior. They are opened in a virtual environment in and monitored for malicious behavior, such as dropping files in the background, opening a backdoor on the system, or making contact with a server controlled by criminals. This technology is effective at detecting malicious files before an antivirus pattern file is available.
Both of these detection techniques are available for not only Office 365 email but also OneDrive for Business and SharePoint Online. They are enhanced with up-to-date information from the Smart Protection Network, Trend Micro’s security intelligence network, which analyses and correlates 100TB of threat information daily.
If you want to find out more about how our new technologies can help improve security for Office 365 email, OneDrive for Business, and SharePoint Online, stop by our booth (no. 230) at Ignite in Chicago, May 4-8. Or, check out our solutions here.