BitDam Blog

Rotem Shemesh
3 minutes & 38 seconds read · November 11, 2019

Why an Added Email Security Layer is Essential for Advanced Threat Protection on Office 365

The world sent (on average) a staggering 281 billion emails per day in 2018, and that figure is expected to cross the 290 billion mark by the end of 2019. In the thirty years since email hit the general public, it’s become our most pervasive and powerful communication channel. No wonder email-borne attacks are the number one way for malware to breach networks.

Unfortunately, the standard malware detection and prevention options in Office 365 are insufficient to protect your company’s intangible assets. Advanced Threat Protection (ATP) is therefore necessary to defend your users, data, and intellectual property from hackers.

3 Reasons Why Added Security is Essential to Protect O365

Every organization with even a single email address is vulnerable to email-borne attacks. The wide popularity of Office 365 makes mastering its vulnerabilities smart business for hackers.

  1. Most security breaches and ransom attacks start with an email; a company falls victim to a ransom attack every 14 seconds. With one in every 61 emails coming into company inboxes bringing a malicious attachment, ransomware is just one threat of many. Once a user opens a malicious email, its malware makes its way through your network.
  2. Using a variety of security layers equals greater protection. Multiple defense layers that each address different vulnerabilities are a staple of physical security, and the principle remains the same for email security. As attacks become increasingly sophisticated, detecting, blocking, and containing malware requires a broad, multilayer net.
  3. Email-borne attacks come in many guises, and part of the increased sophistication comes from hackers getting better at targeting users. Inducing users to download malicious attachments works, but that’s old school. Threat actors don’t need to motivate a download to collect valuable data or gain access to your network. Rather, they use emotive language to mislead employees and get them to click links or fill out forms.

Why Office 365 and Other Email Security Tools are Insufficient

Microsoft offers two levels of security. Its standard email protection is called “Exchange Online Protection” (EOP), and like most email security tools, it can only detect known risks. You can use it to block file extensions popular with hackers, and it lets you prohibit auto-forwarding across every email account.

In other words, the basic stuff.

You can level up with Microsoft’s ATP tool kit or use a third-party ATP tool. These would add another layer of security to target advanced malware by detecting and preventing threats from gaining access. These solutions keep up-to-date about new known risks. However, they offer limited protection against unknown threats.

How BitDam Fills the Unknown Threat Gap

BitDam targets both known and unknown attacks. Most ATP tools do a decent job of detecting known threats. But even if every ATP tool detected 100% of known threats, your organization would still be vulnerable. Cyber threats continually evolve, making your highest risks those that are as yet undetected. While BitDam ATP does better than these other ATP tools in detecting known threats, its most significant power is detecting unknown threats: threats that can leave a company without access to its data for a week or more.

According to Symantec’s 2018 Internet Security Threat Report, ransomware variants increased by 46% last year. Traditional malware detection models that can only look for signs of known attacks will miss the attacks based on these variant evolutions. In contrast, BitDam’s ATP is 100% attack-agnostic. It steps in before any file or link even opens. BitDam scans the file or link, assessing whether it contains alien code before it runs. This approach allows BitDam to verify the code’s legitimacy or detect malware before it can launch.

Competitors that can prevent known threats need hours, or even days, to identify an emerging unknown attack since they’ve never seen it before. This long lag time between execution and detection allows unknown attackers to wreak havoc on your devices. In contrast, the BitDam approach stops alien code from even running, which leaves zero lag time. Staying agnostic about what threats may exist prevents tunnel vision. As a result, BitDam ATP can detect new threats at first sight.

Comprehensive, multilayer email security is critical to complete company security. Standard penetration testing software won’t expose how vulnerable your network may be, even if you have installed O365 Advanced Threat Protection. Find out the weaknesses in your current level of protection with our free, easy-to-use Breach and Attack Simulation (BAS) tool. You can get it running in minutes.

The results will surprise you.