It’s crucial that organizations using Office 365 find
and implement a strong, multi-layered email security solution for their users. Office 365 has quickly become the most popular
cloud based platform, making it a prime target for attackers looking for an
easy way to compromise email data. In the cloud, email has remained the number
one threat vector, with attacks like phishing attacks, spam and ransomware
becoming major issues for many businesses.
In this guide, we’ll take you through the top email
security solutions for use with Office 365. This will cover many different
kinds of email security technologies. This includes Secure Email Gateways,
which filter malicious emails before they enter users’ inboxes, Phishing Protection
platforms that automatically remove phishing attacks, and email encryption
solutions that secure email communications.
We’ll cover the key features of these solutions, what makes
them perfect to secure emails with Office 365, and what types of customers they
are most suitable for. Information in this article has been gathered from our
own research, and from the views of customers who we have spoken to and have
left reviews on the Expert Insights platform.
The Best Email Security Solutions For Office 365 Includes:
- Spam Filtering: Proofpoint Essentials Business Edition, Vade Secure, Cisco Cloud Email Security
- Phishing Protection: IRONSCALES, Microsoft Advanced Threat Protection, Agari
- Link / URL Protection: Proofpoint Essentials, Menlo Security, Microsoft Advanced Threat Protection
- Advanced Threat Protection: Proofpoint Essentials Advanced Edition, AVANAN, Microsoft Advanced Threat Protection
- Email Encryption: Proofpoint Essentials Advanced Edition, Egress Email Encryption, Microsoft Encryption
- DLP: Proofpoint Essentials Advanced Edition, Microsoft Compliance Center, Cisco Cloud Email Security
Start a Trial
Spam and Malware Protection, Safe Links, Email Archiving, Data Leakage Prevention & Email Encryption
Proofpoint is a global leader in email security solutions, protecting over 100,00 businesses around the world. Proofpoint Essentials is a fully cloud-based secure email gateway, designed to protect small and medium-sized businesses using Office 365 from email threats. Proofpoint Essentials combines a powerful secure email gateway platform with email archiving, encryption, and data loss prevention.
Proofpoint offers multiple threat protection features to stop data breaches and email threats. Proofpoint uses multi-layered email security engines to prevent threats like spam, malware and phishing attacks. This includes URL defense (Safe Links) to block malicious email links at time of click, and anti-virus engines to stop ransomware attacks. Research from SE Labs shows Proofpoint Essentials has one of the highest threat total accuracy ratings of all the market leading email security vendors.
Proofpoint Essentials is very easy to deploy with Office 365. Essentials is deployed between the Office 365 environment and the internet, sitting in front of your Office 365 tenant. To route mail to Office 365 requires changing your MX records. Because Essentials sits in front of Office 365, all emails are scanned to ensure they are safe. Infected and spam emails are automatically quarantined. Outbound emails are also routed via Proofpoint thus allowing data leakage (DLP) rules to be easily applied to stop confidential information being emailed out.
Proofpoint can be configured to allow end users to access their own quarantine, email archive and, manage their allow/deny lists, which helps to save IT departments time.
Spam and Malware Protection, Archiving, Email Archiving, Data Leakage Prevention & Email Encryption
Mimecast are a global leader in cloud-based email management, securing over 36,000 customers around the world, including many large enterprises. Mimecast allows organizations to protect and manage their email, with a range of solutions for different email security use cases. This is delivered in one easy-to-manage platform as a subscription service. Mimecast offers Office 365 email customers with protection against email threats including phishing, malware and account compromise.
Mimecast provides comprehensive security for Office 365 cloud email with a range of solutions. Mimecast sits in front of your Office 365 tenant, using multi-layered threat detection engines to defend against attacks like spear-phishing, malware, viruses, spam and data breaches.
As well as stopping malicious emails from entering your email network, Microsoft Internal Email protect is deployed inside your email perimeter to detect and remediate against internal threats. This is designed to be used alongside Mimecast’s Security Awareness Training to protect users against sophisticated attacks such as spear-phishing and email fraud. Mimecast also offers mailbox-level compliant archiving of email data, with e-discovery support, legal hold and Office 365 disaster recovery
Mimecast also offer email encryption and DNS filtering, which is all part of their single security solution which is ideal for Office 365 users. Mimecast also offers Office 365 migration tools which can help to speed up and secure migration to the O365 platform. This automatically archives legacy emails and helps to ensure continuity in the case of network outages.
Download IRONSCALES Whitepaper
Market Leading Phishing Protection
IRONSCALES provides powerful protection for Office 365 against phishing attacks, credential theft and business email compromise. IRONSCALES is fully cloud-based and works inside Office 365. This means IRONSCALES can identify suspicious email activity, like spoofed domains, and alert end users with warning banners inside their mailbox. This helps to prevent phishing and business email compromise, without impacting on end user productivity. IRONSCALES also uses multiple anti-virus engines to identify and remove emails with malicious links and attachments automatically. In tests by Expert Insights, IRONSCALES outperformed Office 365 ATP for phishing detection.
Phishing attacks are perhaps the biggest threat facing businesses using Office 365. IRONSCALES’ provides a robust layer of security with their email protection platform. IRONSCALES also provides a suite of security awareness training tools, allowing admins to easily create simulated phishing emails, and test users effectiveness with spotting suspicious email attacks.
IRONSCALES combines machine learning technologies and human threat intelligence to identify malicious emails and remove them from user inboxes. Machine learning engines use contextual analysis, looking at factors like domain, time emails were sent, attachments and location to identify suspicious and malicious emails and remove them. IRONSCALES also allows end users to report emails that don’t look right with a button directly in the Office 365 mail app, on desktop or mobile. This intelligence is shared across their client base, so a phishing attack reported by an end user be shared to IRONSCALES customers all over the world.
IRONSCALES is built for use with Office 365. It integrates seamlessly with your Office 365 environment without requiring any configurations or new mail flow rules. Deploying the service is extremely easy – deployment takes 2 clicks and doesn’t require any MX record changes or rules to be setup. IRONSCALES is an ideal platform for stopping phishing attacks for organizations using Office 365.
Egress Intelligent Email Security
Start a Trial
Email Encryption, Misaddressed Email Sending, Data Breach Protection
Egress offer a range of solutions to help organizations prevent misdirected emails and security breaches. Egress offers three email security solutions that integrate seamlessly with Office 365: Prevent, Protect and Investigate. Egress deploys easily across your Office 365 environment, protecting businesses with intelligent phishing and misaddressed email protection, email encryption, and enhanced visibility into email threats.
Egress Prevent stops data breaches before they happen, using contextual machine learning technology to mitigate misdirected emails and spear-phishing attacks. Egress learns user behaviours across your email networks and scans contents within emails, highlighting potential mistakenly addressed emails and phishing scams and alerting users when they believe that a data breach could occur.
Egress Protect provides government certified and easy to use email encryption, perfect for use with Office 365. Egress’ encryption is deployed using a simple plug-in to Outlook, which allows end users to encrypt emails, send large files and select security controls such as water marks, without leaving their email client. According to admin policies, Egress automatically encrypts email with AES-256 bit encryption provides message-level protection, certified by industry bodies and governments. As well as encrypting message content and attachments, Egress provides total control to keep shared data safe, including email recall, message restrictions and detailed audit reports.
The ease of deployment with Office 365 and strong feature set makes Egress a great fit for organizations looking for an email protection solution.
Start a Trial
Isolating Web Links and Email Attachments
Menlo Security is a web security and isolation platform, ideal for mid-sized organizations and enterprise. They provide a powerful web security platform, with isolation at its core, which helps to protect organizations using Office 365 from all web and email-based threats. Menlo Security offers a full threat protection suite for Office 365, helping to improve the speed of access to Office 365, while maintaining security across all of your cloud applications.
Menlo’s Isolation platform addresses the gaps in email and web security that are open for attackers to exploit in Office 365. Menlo stops email attacks by fully isolating all potentially malicious content that can be spread via email, including URLs and attached documents, without interrupting the end user work-flow. Menlo’s phishing protection solution rewrites all web links, opening all content in isolation so there is no path for any malicious content to infect end user devices. In addition, Menlo will open all suspicious links sent via email in ‘read-only’ mode, in order to stop phishing attacks that look like genuine web pages. Menlo Security also provides document isolation, which provides safely rendered access to any attached files like PDFs and word documents sent via email, helping to stop malware and ransomware attacks.
Menlo Security is particularly well suited for use with Office 365. The Menlo platform is able to track how O365 users interact with web links, and provides greater investigative abilities for forensics, reporting and auditing than the inbuilt 0365 reporting. Menlo Security is straight forward to deploy with Office 365, it’s fully cloud based, and causes no interruption in email sending or changes in user experience.
Microsoft Office 365 Advanced Threat Protection
Safe Links, Malware Scanning of Attachments
Microsoft Office Advanced Threat Protection (ATP) is Microsoft’s security platform built for enterprise customers on Office 365. Microsoft ATP protects organizations against malicious email threats like phishing, malicious URLS and collaboration tools. Microsoft ATP is included in some Office 365 subscriptions such as the Enterprise E5 tier, and can also be purchased as an additional add-on solution.
Office Advanced Threat Protection includes threat protection policies, reports and investigation and response capabilities. Threat protection features include Safe Attachments, which checks email attachments for malicious content, and Safe Links, which provides time-of-click URL verification to prevent access to malicious web pages. ATP also includes anti-phishing protection. This module uses machine learning and impersonation detection algorithms to detect and block phishing attacks. However, this solution is not as effective as some third party solutions, such as IRONSCALES or Proofpoint. Microsoft ATP can however protect SharePoint, OneDrive and Teams from malicious files, which not many third party solutions can do effectively.
Research undertaken by third parties and other security vendors have found some significant issues with ATP’s threat protection capabilities, specifically with regard to its anti-phishing protection module. Research from SE Labs gave ATP a 35% total accuracy rating for detecting email attacks. Other vendors such as Avanan point out the relative immaturity of Advanced Threat Protection compared to other email security vendors on this list, and the ease in which hackers are able to create an Office 365 account and learn to evade security policies. On the other hand, Microsoft ATP is built for use with Office 365. It integrates seamlessly with your Office 365 environment without requiring any configurations or new mail flow rules. There are two versions of Microsoft ATP available, a starter tier which includes threat protection policies, and an advanced tier which also includes automated investigation and response.
Microsoft Compliance Center
The Microsoft 365 compliance center provides easy access to the data and tools you need to manage to your organization’s compliance needs. The compliance center allows you to easily view the security health of your organization, act to configure devices, users, and apps, and get alerts for suspicious activity. The Microsoft 365 security center is intended for security admins and security teams to better manage and protect their organization from data losss. This solution is integrated across Microsoft 365 services and provide s actionable insights to help reduce data risks.
The Microsoft Complaince Center is a home for monitoring and managing security across Microsoft accounts, data, devices, apps and infrastructure. It allows admins to easily view the health of their organization and configure devices, users and apps. It also provides alerts when suspicious activity occurs. Microsoft provides organizations with a Secure Score, with detailed reports and information on security posture and areas which can be improved.
From the Compliance center, admins can protect against data loss by adding labels to classify documents, email messages and websites. When a label is applied, this content is autamatically protected based on user-settings. This means that admins can create labels to encrypt files, and control user access to specific websites, for example. From here admins can also manage role-based access controls and proactively search for malware, suspicious files and activities.
Malware Scanning of Attachments, Phishing Protection
Avanan is an email and application security vendor with a full threat protection suite for Office 365. Avanan’s platform protects businesses from attacks like phishing, malware, account compromise and data loss. Avanan sits within the Office 365 environment, and can be deployed as automatically as an app in the Office 365 app store, or configured manually, with a simple deployment process.
Avanan provides multiple threat protection modules to protect emails in Office 365. As Avanan sits within the Office 365 environment, it can secure inbound, outbound and internal emails from phishing attacks that are missed by Microsoft’s inbuilt spam filter, and even emails missed by Microsoft Advanced Threat Protection. Avanan uses machine learning to identify zero-day phishing attacks, using over 300 indicators of compromise including time of sending, location and domain to flag suspicious emails. Avanan also uses machine leaning algorithms to detect business email compromise, by flagging logins across multiple countries and flagging unusual behaviours that point to accounts being taken over.
Avanan provides enhanced malware protection, which they argue catches 99.99% of the threats that Microsoft misses. This includes protection against harmful attachments and URLS, with advanced reporting, for all inbound, outbound and internal emails. Avanan deploys easily with Office 365, and works well alongside other email security technologies such as Office ATP, or Proofpoint Essentials, in order to stop sophisticated email threats, as well as threats like spam.
Phishing and Business Email Compromise
Agari provide a cloud based email defense platform. It’s designed for organizations using Office 365 that don’t have a SEG like Proofpoint in place, but are struggling with attacks such as phishing and business email compromise. Agari adds protection against these identity based threats that works alongside the inbuilt threat security controls in Office 365, and add-on services like Office ATP.
Agari is fully focussed around protecting businesses from sophisticated email threats like phishing and business email compromise. They offer three threat detection products, Phishing Defense, Phishing Response, and Brand Protection. Phishing Defense is powered by Agari’s identity graph. This technology uses the relationships and behavioral patterns of brands, individuals individuals, brands, businesses, services, and domains using hundreds of characteristics, to identify anomalous behavior and determine the risk of emails being suspicious. This allows Agari to identity compromised accounts and block zero-day phishing attacks which would slip through the gaps in traditional security technologies’. Their Phishing Response module integrates with Office 365 to allow employees to report phishing attacks, which are then analysed by Agari and removed if needed. Agari claims to block 99.9% of advanced email attacks.
Agari is built on a cloud-native architecture, which can be integrated easily with Office 365 and Azure Active Directory. Agari also provides a deeper level of analytics than using Advanced Threat Protection alone for phishing protection. A common use case for Agari customers is using Office 365’s inbuilt spam filter to stop spam and unwanted bulk mail, as well as filtering unsafe URLs, and then using Agari’s platform as an extra layer against business email compromise and phishing attacks that are missed by Office 365 itself.
Spam Protection, Advanced Threat Protection
Vade Secure provides AI-based, predictive email security for Office 365. Vade Secure protects Office 365 applications like OneDrive and SharePoint from attacks that start at the email layer, with account compromise attempts such as phishing, spear-phishing and business email compromise. Vade uses AI-powered threat detection and remediation technologies which integrate easily into Office 365, for business customers and MSPs. Vade Secure uses a fully cloud native architecture.
Vade Secure utilizes machine learning models that perform real-time behavioural of all emails, URLs and attachments, looking for malicious contents. Threat detection data comes from over 600 million protected mailboxes globally. Vade Secure delivers multiple threat protection features. Vade analyses URLs and emails in real time, to protect against phishing attacks, and uses behavioural based machine learning to display warning banners on suspicious emails. Vade Secure also provides behavioural based anti-malware, which scans the origin, content and contents of email and attachments to stop the spread of malware and ransomware. Vade automatically removes emails they detect as being malicious, and allows admins to remove harmful messages in once click.
Vade Secure provides a fully native user experience for Office 365 users. It integrates with Office 365 via the Microsoft API, and so is easy to deploy, with no MX record changes required. Users are also therefore able to use Vade Secure to compliment Office 365’s inbuilt spam protection and Advanced Threat Protection. Vade uses Outlook folders to automatically sort grey-mail for users, but doesn’t offer a separate email quarantine for end users as a SEG solution would. Vade Secure has an MSP focus, offering customers using O365 simplified customer onboarding and provisioning.
Cisco Email Security for Office 365
Cisco offers a comprehensive email security gateway designed for use as an additional layer of protection for Office 365. This service is built for mid-sized and large organization, and is popular with higher education institutions and in healthcare. It’s designed to provide protection against threats like ransomware, business email compromise and phishing attacks, with threat intelligence from Cisco’s global threat intelligence teams.
Cisco Email Security sits on top of Office 365 to filters malicious emails, blocking ransomware business email compromise and phishing attacks. Cisco’s threat protection is powered by their market leading threat intelligence team. Cisco provides protection against URL-based threats like phishing attacks with real-time URL analysis, and protection against ransomware, with. Malicious file scanning and automatic mailbox remediation. Cisco’s platform offers admins a much greater level of control over emails than offered in Office 365 as standard, with much more granular threat intelligence and reporting. It’s a popular choice for education and healthcare organizations for these advanced policies, and high level of threat protection.
Cisco Cloud Email Security is designed to automate and speed up identifying and removing threats from Office 365. CES is an email security gateway solution, that sits between Office 365 and external domains, so it does require MX Record changes. However, customers in education report that the service can be deployed very quickly, with favourable licensing. Cisco also provides warnings to users inside their email inbox, alerting users when emails look like fraud attempts, alongside traditional spam and malware filtering.