Why email is safer in Office 365 than on your Exchange server

Beyond blocking spam and virus-laden messages, cloud services can determine whether links are safe to visit and whether you’re protecting the right information

Why email is safer in Office 365 than on your Exchange server
Digital Vision

Running your own email servers doesn’t do anything to differentiate your business from the competition (except in a bad way, if you get hacked). But avoiding the effort of managing and monitoring your own mail server isn’t the only advantage of a cloud service. The scale of a cloud mail provider like Office 365 means that malware and phishing attacks are easier to spot — and the protections extend beyond your inbox.

Email protection isn’t just about blocking spam anymore. It’s about blocking malicious messages aimed at infecting computers and stealing credentials. Traditional antivirus scanning isn’t the solution either, because attachments aren’t just executable files you can recognize with a signature. Often, scammers use JavaScript and macros (including PowerShell) to trigger a secondary download with the malicious payload. And embedded links often go to legitimate but compromised sites, so you also can’t rely on site reputation.

Even as malicious messaging is evolving, attacks are increasing. According to security firm Proofpoint, the largest malicious email campaign in Q4 of 2016 was almost seven times larger than the largest campaign from Q3 of that year. And corporate email continues to bear the brunt of the attacks (Google recently noted that attackers send four times more malware and six times more phishing attacks to corporate inboxes than to personal email addresses.) Of the 80 billion messages sent to Office 365 inboxes in a month; 55 billion are spam and bulk emails and over 20 million contain malware or phishing messages that could cause a data breach.

Even with training, relying on users to spot phishing emails is problematic. In a Microsoft Ingnite presentation, Jason Rogers and Phil Newman, both Office 365 program managers, noted that targeted messages in particular are often so plausible that users report spearphishing messages that have been correctly blocked by Office 365 as false positives.

Can cloud email give you better protection? Yes, says Rudra Mitra, partner director for information protection on the Office 365 team. “On premise, you're one enterprise battling these security issues by yourself; your network is a perimeter and you try to see what comes in.” That might be difficult with the scarcity of security talent, Mitra notes. But the real advantage of cloud email is just how much information Microsoft can gather to detect attacks, using the scale of Office 365 and other Microsoft services.

To continue reading this article register now

How to choose a low-code development platform