Email Security is achieved via multi-layered security

Why You NEED Multi-Layered Email Security for Office 365

Expert Insights / Nov 27, 2018

One security method alone will not offer the protection businesses need

Office 365 is fast overtaking Exchange to become the dominant email security platform for businesses.

Compete 366 report that 50,000 small and medium sized business are moving to Office 365 every month. This is a staggering number of companies and it’s causing a big evolutional leap in the cyber security industry.

Barracuda Networks Vice President Chris Ross recently stated:

“The key message [for companies who have moved or who are moving to Office 365] is the additional layers of security needed.”

Office 365 includes a standard layer of security by default. However, it is not adequate to protect against advanced security challenges.

Ensuring additional layers of security will become absolutely crucial for businesses to remain secure on Office 365.

Why you need a Secure Email Gateway

Microsoft Headquaters

Image Source

Office 365 does have an inbuilt spam filter, but it’s not up to scratch.

O365 is cheap and easy to use, so it’s trivial for spammers to test their methods until they can bypass Microsoft’s spam filters.

This means there is still a need for traditional email secure gateways. They provide the best protection against inbound and outbound email threats.

Vendors in this market like Barracuda, Fusemail, Mimecast and Proofpoint fully focus on protecting your communications. Microsoft have less financial incentive to do so, and provide a lesser service as a result. It’s for this reason that despite Microsoft investing in their own threat protection, third party email security companies have actually seen revenues rise since the release of O365.

However, while secure email gateways are crucial, they cannot fully protect your business alone.

Attacks are becoming more sophisticated and although a vendor selling email secure gateways may have a service level agreement to stop 99.9% of threats, this still means for every 10,000 spam emails, 10 will get through.

All it takes is this one email to potentially lose your business thousands of dollars.

More Sophisticated Threats

Castle under siege

Image Source

The way hackers are breaching email gateways is changing. They’re now more likely to disguise emails to get them into inboxes.

Imagine a castle, from Game of Thrones. Hordes of White Walkers are running at the castle walls, but not being able to get through. This is your email secure gateway, blocking the malicious emails from entering.

But what the castle walls can’t do is keep out the attackers who don’t look evil. The Lannisters’ who don’t look like it, but who will stab you in the back once they’re through the gates. These are disguised malicious emails breaching email secure gateways.

They are becoming more common and the consequences for businesses more severe.

In the past spam that breached email gateways may have sent employees to adult websites, or exposed them to malware.  But now there is much more at stake for businesses.

Attackers will send fake invoices to try and dupe companies out of money, and it’s a booming industry.

As well as these targeted phishing attacks, attackers are becoming more adept at hiding malicious links.

It’s common now for a hacker to send a link to a clean website in the middle of the night This is scanned by a secure gateway and allowed into the inbox. But by the time the recipient arrives at work, the attacker will have injected that URL with malware.

Why you need Advanced Threat Protection for Office 365

This is why businesses need advanced threat protection, such as Barracuda Sentinel,  Ironscales or VadeSecure.

These products are powered by AI and sit inside Office 365, inside the castle walls, looking for threats. Unlike traditional gateways, these services are capable of understanding communication. They identify when something does not look right, even once it’s made its way through the security gateway.

They can tell when people are being impersonated by looking at multiple factors and scan links in real time. This ensures that people are not being fooled by malicious URLs that have made it past the secure gateway.

These platforms aren’t cheap, but businesses that have been hit by attacks will need these products and it is far better to pay for protection, then to lose money in an attack.

Towards Multi-Layered Security

Multi-layered security for phishing protection

Email is the biggest source of Cyber-attacks globally. In 2017 74% of threats entered an organisation via email.

It is clear that to protect your business after the move to Office 365 you will need multi-layered, rounded protection.

You will need the secure email gateway in the front, blocking malicious emails from entering inboxes and advanced threat protection inside, stopping threats that have made their way through the gateway.

Make sure you choose the right email security gateway and advanced threat protection for you by reading our expert reviews. You can read reviews of the best email security gateways here and the top advanced threat protection products here.

You can find reviews of a variety of a range of other cloud-based cybersecurity products at