Anti-Spam/Anti-Phishing

Office 365 features some spam filtering offerings, but they’re often not comprehensive enough to address most organization’s needs. The default filtering settings provide potential holes for spam, malware and phishing leaks, and increased administrative burdens.

While the settings can be customized, doing so can be time consuming, especially when certain tasks have to be performed by endusers, which disrupts productivity. For many companies, finding a spam filtering service outside of Office 365 is a necessity. Here’s what you should be looking for in a spam filtering service:

• Longer spam filter retention (Office 365’s spam filtering retention can be expanded to as many as 15 days)

• Greater admin control over group and individual access restrictions

• Easy rule implementation to catch more spam

• Reduction of clutter from known spam sources

Should an email get through with a corrupted link, web filtering, which isn’t offered by Office 365, can provide another layer of defense to block malware from infecting your network. When considering a web filter, ensure it performs each of the following tasks:

• Shields your network from a wide range of malware, adware and viruses via email, web download and java script download.

• Continuously monitors outbound traffic and sends real-time notifications if a malicious program is detected.

• Maintains fast browsing experience to maintain productivity.

• Updates thousands of times per day.

When web and spam filtering are both employed in a layered approach, sophisticated attacks can be stopped. Consider the following scenario:

• An email with an embedded link is sent to someone in your organization late at night when they’re not checking email.

• The link points to a clean Dropbox file, which has never been used in a previous attack.

• Because it hasn’t been reported by any network monitoring programs your organization uses, the spam filter recognizes it as safe and lets the email through to the intended user.

• At some point between the email being sent and passing through the network’s filter, the malware provider changes the endpoint of the link, which leads the business user to malware when clicked.

•The end user gets up in the morning and the now-malicious email is waiting for them in their inbox. 

This issue is common and can be combatted with the right web filtering solution. While the spam filter did what it was supposed to do, the hackers “tricked” the system by changing the link. Web filters with downstream monitoring will immediately notice when the link has been changed and redirect the email out of the user’s inbox. A layered approach will position your organization to reduce the risk of email-related security issues to its absolute minimum.