Office 365 Spam Filtering

Recent research by Osterman identifies that Microsoft’s EOP can detect 100% of all known viruses with updates every 15 minutes. However, the research found it to be less effective against unknown or new malware delivered by email. System Administrators implementing Office 365 need to make sure it’s secure by layering in a dedicated secure messaging and spam filtering solution like SpamTitan to protect against advanced persistent threats. To protect against advanced threats you need advanced protection.
Read our brand new 2021 free report on overcoming the Email Security Weaknesses in Office 365. 

There are several options for improving the email spam filter for Office 365 to block more spam email and prevent email-borne threats from reaching the inboxes of your end users. If you are unhappy with the current performance of Office 365, it may be possible to alter the Office 365 spam filtering parameters or make changes to the connection filtering settings. However, if spam email volume is not significantly reduced it may be necessary to set up transport rules.

Standard O365 spam filter settings may not be sufficiently aggressive. By setting transport rules it is possible to alter Spam Confidence Levels (SCLs) and set up different protocols to manage Domain-based Message Authentication, Reporting, and Conformance (DMARC), Domain Keys Identified Mail (DKIM), and the Sender Policy Framework (SPF). By adding these new protocols, you should be able to configure the spam filter for Office 365 to block spam email more aggressively.

It is possible to improve spam filtering for Office 365 by tweaking the settings, although email administrators in large organizations are likely to find creating block lists and safe lists – and keeping those lists up to date – an incredibly time-consuming task. Fortunately, there is an alternative to tweaking the spam filter for Office 365, and that is to install a third-party spam filtering solution to augment spam filtering for Office 365. A third-party solution is a better choice than using Microsoft’s Exchange Online Protection (EOP) and Advanced Threat Protection (ATP), which are available to Office 365 users.

Improving the Spam Filter for Office 365 with a Third Party Anti-Spam Solution Like SpamTitan

At first glance, there are a number of similarities between Microsoft’s ATP/EOP anti-spam mechanisms and those used by third party email filtering solution providers but, crucially, there are some important differences.

Office 365 spam filtering using Microsoft’s EOP will allow administrators to conduct real-time scans for spam email against Global Blackhole Lists: An important mechanism for preventing the delivery of spam emails to end users. However, some third-party antispam solutions also use greylisting to check the authenticity of incoming email messages.

This additional control greatly improves detection rates for spam email. Greylisting involves sending a message back to the mail server used to deliver messages along with a request to resend the email. Genuine emails are usually resent quickly, but email servers used by spammers are often too busy to respond to these messages promptly. The delay in resending emails is a good indicator that the message is spam.

This additional check is important for preventing new spam email campaigns from being delivered to end users. EOP will only quarantine spam emails that have been added to Global Blackhole Lists. There is a time lag between a new campaign being launched and the emails being added to Blackhole lists. During that time, organizations are vulnerable.

Cost, Usability, and Cloud Deployment Options for an O365 Spam Filter

Another problem for many organizations, especially Managed Service Providers (MSPs), is the lack of flexibility with the EOP spam filter for Office 365. Microsoft will only provide this additional spam filtering option in its own cloud environment.

MSPs wishing to offer their clients an augmented spam filter Office 365 integration, often prefer to use a solution that can be hosted in a private cloud or within their own infrastructure. Organizations may prefer to have the option of using an on-premise anti-spam solution to improve the spam filter for Office 365. Third party antispam solution providers can offer a range of deployment options to suit each individual client.

Ease of use is another major consideration when choosing a spam filter Office 365 compatible, especially for small to medium-sized organizations with limited resources. Using a ‘plug and play’ third-party antispam solution allows IT staff to concentrate on other important tasks rather than spend time configuring and maintaining email spam lists and updating software.

Even though Microsoft’s options for augmenting the spam filtering for Office 365 lack the ability to detect the latest email spam variants and are not as flexible as third-party antispam solutions, they are more expensive. Organizations choosing a third-party antispam solution typically enjoy a 20% to 25% cost saving compared to ATP and EOP.

Augmenting the Spam Filter for Office 365 with SpamTitan

TItanHQ has been providing web and email security solutions for enterprises since 1999. During that time, the company has helped more than 5,000 organizations improve their security posture and reduce spam email volume. TitanHQ’s antispam solution - SpamTitan - has been independently tested and shown to block 99.97% of spam email with false positive spam identification of just 0.03%.

Instead of one antivirus engine, SpamTitan uses two. This increases the rate of malware detection to better protect customers from an ever-increasing range of email-borne threats. SpamTitan features a number of additional controls to keep customers protected, including an email continuity service to ensure that spam email is still blocked during a server outage. Further, SpamTitan offers better protection from email threats and greater spam detection rates than ATP and EOP.

In order to meet the needs of the broadest range of organizations, SpamTitan can be deployed as a virtual appliance or as a cloud-based solution.

SpamTitan Gateway is a powerful anti-spam solution that sits between an organization’s firewall and its mail server. No additional hardware needs to be purchased as the solution can be installed as a virtual appliance.

SpamTitan Cloud is a cloud-based alternative to our gateway offering. The cloud-based option offers maximum flexibility and is ideally suited for MSPs and large organizations. All that is required to start filtering email is for a small change to be made to the mail exchanger (MX) record.  There are no software updates required, virtually no management overhead, and SpamTitan Cloud can be supplied in white-label form for MSPs and resellers.

Free SpamTitan Trial

We believe the best way to determine whether SpamTitan meets your company’s needs is to implement our solution and see the difference it makes. Before committing to purchasing a license, we invite you to take advantage of our free trial.

We will provide you with the opportunity to try SpamTitan Gateway or SpamTitan Cloud free of charge for a period with no obligation to proceed at the end of the trial period. If you have any questions about SpamTitan or you want to register for our free trial, contact our Sales Team today. We will be happy to answers your questions about improving the spam filter for Office 365 and will give you instructions on how to start your free trial and configure SpamTitan to suit your organization’s needs.

One typical way data is exposed via email is by accidentally sending an email to the wrong recipient. This was found to be a prevalent security problem in healthcare and financial services.

The Verizon Data Breach Investigations Report (DBIR)

Protecting Office 365 From Attack

As ransomware and phishing attacks increase, Office 365 has become a primary target, making it vital for IT professionals to take proactive steps with 0365 email security and "hack-proof" their environments. A comprehensive 2016 study by Skyhigh Networks found that 71.4 percent of corporate Office 365 users have at least one compromised account each month. The research was based on a survey of 600 enterprises and 27 million users. Just as users get more bang for the buck by migrating their email services to Office 365, hackers get more bang for the buck by having so many enterprise users concentrated into one platform.

Acceptance Of The Cloud By The Majority

Office 365 is a stellar example of the success and acceptance of the cloud. It is the most widely used enterprise cloud service in the world, boasting more than 70 million active users.. An astonishing 78 percent of IT decision makers use or plan to use Office 365 in 2018, while 70% of Fortune 500 companies have already purchased Office 365 for their users. Not all of them utilize email services in Office 365. Some just use the applications suite or OneDrive. According to Gartner, less than 10% of enterprises use Office 365 email services, although they have an 80% market share for large public companies that use cloud-based email services. In the end, it seems conclusive that more companies will migrate their email services to Office 365 in the coming years.

Why MSPs Offer Add On Email O365 Spam Filtering and Malware Protection To Their Office 365 Customers

This can be disheartening for managed service providers who have used email box services as an income stream for many years. Selling Office 365 subscriptions is not much of a consolation for them either as the margins for Office 365 are so low.
On the surface, it seems that Office 365 presents a real challenge to MSP's who want to hold on to their customers. However, in the same way that MSP's have been making money offering support services and solutions for the Microsoft OS, there is
ample opportunity to provide value-added service to their customers and their Office 365 email services.

Office 365 Is A Big Target For Hackers

There is one big problem with being the big kahuna in the cloud email space - you become the #1 target for hackers and phishing masterminds. Ironically, Microsoft finds themselves the victims of their own success in the same manner as they have for their
operating systems over the years. When vast multitudes of people use the same operating system,  hackers can simply concentrate on that OS and not waste time on others. Similarly, if millions of users use the same email cloud service that utilizes the same set of security tools, hackers can
simply devote their resources and time to circumvent them through discovered weaknesses and exploits.

Just as users get more bang for the buck by migrating their email services to Office 365, hackers get more bang for the buck by having so many enterprise users concentrated into one platform.

Phishing Creators & Hackers Use Office 365 Too. 

You may have never thought about it, but phishing creators and hackers use Office 365 as well. They have the option to pay the subscription fee or break into another user's account through a credential stuffing attack (which is why it is so important to have complex secure passwords). They then use these accounts to test and research just how Microsoft security functions. Many Office 365 customers may assume that they are getting Microsoft's full blanket of protection concerning their accounts.

Unfortunately, this is not the case. All accounts do get the benefit of the default email security offering. Microsoft, however, offers an additional security package called Advanced Threat Protection (ATP). This package includes message sandboxing, link reputation checking, URL reporting/
tracing, and phishing protection. To take advantage of the full suite of capabilities requires an enterprise subsection license. Customers can also add these services in a la carte fashion but each additional service requires an additional fee. Again, keep in mind too that the hackers have
access to the sandbox as well.

Compounding Office 365 Default Email Security With An Add On Solution

So, if you have to pay extra money to get the blanket security coverage that every organization needs today to stop ransomware laced email, BEC attacks and other nasty threats, why not spend the extra money on a comprehensive solution built from the
ground up by a vendor that specializes in email security?

Microsoft has indeed made great strides in cyber security as of late, yet headlines today continue to report countless exploits that hackers use to undermine their operating systems and applications.

How certain are you that Microsoft will get security right for Office 365? Why not trust your email security with a specialist?

#1 Target For Hackers & Phishing Masterminds

This is why so many enterprises are indeed turning to third party solutions to enhance the security of their Office 365 hosted email accounts. In fact, according to a recent Gartner report,
40% of Office 365 deployments will rely on third-party tools by 2018 in order to fill gaps and meet expected security requirements and compliances. They expect that number to rise to 50% by 2020.

The Cost Of Prevention Is Far Less Than The Cost Of Recovery

As was evident in the recent Petya attack that disrupted companies of all sizes for days or weeks, the cost of prevention is far less than the cost of recovery. What's more, many email
security companies have email gateway solutions that are specifically designed to complement and integrate with Office 365. Every business is at risk for being hacked - especially SMBs with minimal security in place. According to the U.S. National Cyber Security Alliance, an alarming 60 percent of SMBs go bankrupt six months after a cyber attack! For managed service providers, offering an add on email security solution is another way to help ensure that their customers remain safe and malware free.

71.4 percent of corporate Office 365 users have at least one compromised account each month

The fact is that Office 365 is a great cost-effective email solution for so many organizations today, and with the inclusion of an added security solution, it indeed can be the complete package you need.Many organization find it's necessary to supplement Office 365
default email security with add on solutions, like a dedicated spam filter. This is why so many enterprises are indeed turning to third party solutions to enhance the security of their Office 365 hosted email accounts. Rather than opt for ATP they prefer to spend the
extra money on a comprehensive solution built from the ground up by a vendor that specializes in email security.

Mitigating The Risk Of A Security Incident

The key takeaway is that it can be very difficult for organizations to fully protect themselves from sophisticated hacking and phishing attacks. Organizations are always under pressure to reduce costs but security must not be compromised, the risk
is too great. Organizations need to mitigate the risk of a security incident in a meaningful way by having a robust email security infrastructure in place. This supplementing 0365 with a comprehensive spam filtering solution built from the ground up by a vendor that specializes in email security.

How to Increase Spam Filters in Office 365?

Microsoft Office 365 contains technology to block malicious and nuisance messages from reaching their intended recipient. The anti-spam features in Office 365 are sufficient for individuals, but they aren’t effective in a business environment. Businesses need an additional layer of security to protect their environment from email-based threats, including ransomware, malware, phishing, credential theft, and social engineering. Deploying an additional email filter solution complements the Office 365 anti-spam filters and reduces cybersecurity risks for an organization.

With another effective solution, businesses can increase their spam filtering and block malicious messages from being sent to employee inboxes, which removes the possibility of human error.

How does spam protection for Office 365 help protect businesses?

Because Microsoft Office 365 is integrated into several enterprise environments, email-based threats are designed to exploit vulnerabilities. Office 365 has its version of anti-spam and anti-malware protections, but it’s not enough to block more sophisticated threats.

Businesses need a better way to stop sophisticated attacks, and additional layers of protection included with SpamTitan dramatically reduces the risk of a data breach. SpamTitan analyzes messages using threat intelligence, artificial intelligence, and spam lists of known malicious servers to block messages from reaching a user’s inbox. By blocking malicious messages that would otherwise bypass Office 365 filters, businesses improve their data protection and risk from malware, data theft, and other email-based threats.

What is the best spam filter for Office 365?

Although you get some protection in Office 365 for spam, your organization needs the best spam filter for Office 365 to stop sophisticated attacks. SpamTitan is a proven well-rated spam filtering solution built for enterprises. Its artificial intelligence uses TitanHQ’s threat intelligence research and input from your administrator’s configuration to analyze messages and, more accurately, block malicious messages and nuisance emails from reaching the intended recipient. The artificial intelligence also keeps false positive counts low, so your spam filtering solution does not interfere with business productivity and block legitimate messages. As a result, SpamTitan will improve your corporate cybersecurity posture, keep you compliant, and protect business data.

What are some email filtering Office 365 features?

Every Office 365 spam filtering solution has its benefits, disadvantages, and features. It would help if you found the best solution for your business, but certain features should be included in any enterprise filtering solution. A good email filtering solution for Office 365 integrates easily with the platform and should complement the existing filtering solution already included with Office 365. Administrators should see very few false positives and negatives, and working with administrators, custom configurations should be flexible. SpamTitan is flexible and takes just a few minutes for administrators to roll out, configure, and maintain an effective Office 365 spam filtering solution.

Using O365 and considering a spam filter?

If so you need an extra layer of protection, speak with one of our security experts today about securing Office 365 to prevent costly and damaging email attacks - including ransomware, spear phishing, and business email compromise.

Visit www.titanhq.com/email-protection for more information