Home 0P3N Blog 3 Ways to Increase Office-365 Security
Ready to Start Your Career?
Create Free Account
Sasha Radenovics profile image
By: Sasha Radenovic
September 14, 2017

3 Ways to Increase Office-365 Security

By: Sasha Radenovic
September 14, 2017
Sasha Radenovics profile image
By: Sasha Radenovic
September 14, 2017

Cloud services are gaining popularity for some time, and one of the most popular office cloud services is Office 365, especially with SMB companies, and their main concern is security. Most of those companies do not have an Information Security Officer (CISO), just basic IT staff for administration and network issues. Microsoft's product and service set to offer users easy-to-use services relieve them of maintaining infrastructure, but at the same time, users lose control over data and documents that have until recently been kept within their corporate infrastructure. Possible security flaws on the Microsoft site are frequent issues and concerns of users.

So let's introduce tools for Office 365 security by Trend Micro- Cloud App Security and Cloud App Encryption for Office 365-they protect thru three levels:

  1. Protection from advanced malware and today often mentioned ransomware with. sandboxing, or advanced file checking,
  2. Data leakage prevention, ie Data Loss Prevention functionality (Cloud App Security)
  3. Cloud Data Encryption for Office 365
  4. Protection against advanced malware - ransomware - data leak (DLP)

Although Office 365 includes antispam and anti-malware protection, as well as the basics of DLP functionality, there is no more advanced analysis of malicious attachments. Email is today the major malware spreading channel through which malicious files are delivered as the first step in compromising user computers and encrypting data on them - the famous crypto-malware. Trend Micro Cloud App Security with classic antispam and antivirus scanning also offers advanced file analysis through sandboxing.

Analysing the behavior of files in their execution is the best way to detect zero-day attacks, which exploit the latest vulnerabilities in operating systems or client applications, and traditional methods of protection do not disclose them.

In addition, the product offers the ability to define flexible policies for detecting unauthorized information sharing outside the organization: Data Loss Prevention functionality. There are predefined identifiers for this, such as the ability to detect credit card numbers, account numbers, personal data, and the like, as well as the options for custom-made rules.

The functionalities cover Office 365 applications of Exchange email, Collaboration Tool point and OneDrive for file storage, as well as Dropbox, Google Apps, and Box.

  •   Encrypt data in the Office 365 cloud

Trend Micro Cloud App Encryption adds a data encryption service stored on the Office 365 cloud servers. Data in Microsoft data centers are encrypted, but still readable when accessed using the intermediary service, for the user of the transparent one.

Data in Cloud are encrypted and completely illegible when accessed through a browser, email client, or mobile device. By modifying the access data on Trend Micro’s intermediate service, access to the decrypted data is obtained, and the functionality remains identical. There is no difference for the end user. The existing API, or Microsoft integration mechanisms, are used, and there is no need to redirect mail traffic. Just adding an additional layer of security to an existing service. Trend Micro takes care of the encryption keys, but users can manage them themselves and store them inside their infrastructure, using the KMIP protocol.
Resource: https://www.trendmicro.com/en_us/business/products/user-protection/sps/email-and-collaboration/cloud-app-security.html
Schedule Demo

Build your Cybersecurity or IT Career

Accelerate in your role, earn new certifications, and develop cutting-edge skills using the fastest growing catalog in the industry