Contact Us

The Skysnag Blog

Microsoft Office 365 + Secure Email Cloud: All You Need in a Cloud-First World

June 1, 2022  |  4 min read

You’ve heard the statistics… more than 70% of all business users will be provisioned with cloud office applications in the next two years, including email. It’s an overdue modernization that eliminates physical infrastructure to drive cost savings and integrate services for improved productivity

Chasing this move, cybercriminals intent on account takeover are evolving their tactics, targeting end users with various identity-deception scams. Their evolving tactics and your defenses against them deserve a closer look.

Email remains the number one threat vector for data breach. And Microsoft itself is the number one abused brand when it comes to impersonation email attacks.

Common spoofing tactics include malicious emails disguised as a Microsoft Office 365 password update and an invitation to edit a OneDrive document linking to a spear phishing page. O365 customers can add Microsoft Advanced Threat Protection to help identify malicious links, but cybercriminals are getting crafty and can weaponize those links after the email is delivered.

So on the one hand, implementing Office 365 can drive triple digit ROI. On the other, business email compromise and spear phishing can wipe out the most robust ROI with just one successful attack that results in an account takeover, unauthorized transfer of cash, or loss of intellectual property or sensitive information.

From Legacy SEG to Microsoft Office

Particularly with the addition of Microsoft Exchange Online Protection (EOP) and Advanced Threat Protection (ATP), Microsoft Office 365 is better protected than any platform that came before it.

Key capabilities such as anti-spam, virus/malware detection, data loss prevention and the afore-mentioned URL and attachment analysis traditionally found in the secure email gateway have been integrated as native capabilities in the platform. A recent Gartner report actually scored Microsoft higher than all the major secure email gateways for anti-malware and anti-spam features.

With basic email security covered by Microsoft Office 365, many organizations have eliminated their secure email gateway. Meanwhile, attack sophistication has evolved from content-based techniques such as malware and unsafe URLs, to crimes of identity deception that signature-based controls are ill-equipped to address.

With basic email security covered by Microsoft Office 365, many organizations have eliminated their secure email gateway. Meanwhile, attack sophistication has evolved from content-based techniques such as malware and unsafe URLs, to crimes of identity deception that signature-based controls are ill-equipped to address.

Enter the Secure Email Cloud

Advanced email attacks can appear as plain text messages targeting basic human emotions such as fear, anxiety, and curiosity. These socially-engineered attacks trick unsuspecting users into believing they are interacting with a legitimate person or service, when if fact they are being conned.

Agari delivers important capabilities to protect against identity-deception attacks, secure the corporate email sending domain, and detect and respond to threats that have either evaded initial detection or have weaponized post delivery. These capabilities support cloud-based, on-premises, and hybrid email environments.

This is why enterprises who have adopted Microsoft Office 365 EOP / APD are choosing to pair that investment with the Secure Email Cloud. In fact, over 2/3rds of Agari customers with Microsoft Office 365 do not use a secure email gateway.

The Secure Email Cloud differs in several remarkable ways from legacy security controls, especially when paired with the built-in controls of Microsoft Office 365. Let’s peel back the layers.

Continuous Protection vs. Event-Based Detection

Through the power of predictive AI and advanced machine learning, the Secure Email Cloud fundamentally transforms email security from event-based inspection of incoming messages to continuous detection and response of newly discovered threats. This includes new messages as well as those that have already reached the inbox.

This approach stops advanced email attacks including those that organizations have not seen before, and can delete messages from Microsoft Office 365 inboxes that weaponize after initial security screening. Here’s how it works.

Agari uses what we call the Agari Identity Graph™ to map trust and authenticity relationships between individuals, brands, businesses, services, and domains. We even model organizations within businesses and geographic relationships. The Identity Graph is informed by telematics from around 2T emails annually. It models and scores emails and sending behaviors to the level of around 300 million model updates each day.

The novelty in this approach is that rather than detecting known signatures of malicious email or using static lists of trusted senders or domains, Agari dynamically models the good to detect the bad. Based on mathematical divergence in the scoring from known good emails, Agari applies human-like intelligence and decision making based on tailorable policies to detect and respond to malicious messages.

Agari also automates the processes involved in Domain-based Messaging, Authentication, Reporting, and Compliance (DMARC), making it easy to authenticate messaging and reach enforcement. This prevents cybercriminals from impersonating the brand via email and the associated BEC attacks targeting employees (e.g., executive spoofing) and customers (e.g., customer phishing and fake invoicing).

The Benefit of Integrating Microsoft Office 365 with the Secure Email Cloud

Agari’s next-generation Secure Email Cloud has distinct advantages for Microsoft Office 365 deployments. It’s a cloud-native offering that augments the native security controls found in Microsoft APD / EOP, and can remove messages from Microsoft Office 365 inboxes that have already passed initial security screening.

That is part of the reason why leading organizations including Honeywell, JPMorgan Chase, Aetna, Apple, Facebook, the United States Senate, Comcast, Air Canada, Apria Healthcare, and even Microsoft choose Agari to protect against advanced email attacks.

Check your domain’s DMARC security compliance

Enforce DMARC, SPF and DKIM in days - not months

Skysnag helps busy engineers enforce DMARC, responds to any misconfigurations for SPF or DKIM which increases email deliverability, and eliminates email spoofing and identity impersonation.