One Article Review
| Source |  ProofPoint |
|---|---|
| Identifiant | 8386767 |
| Date de publication | 2023-09-18 05:00:09 (vue: 2023-09-22 16:02:53) |
| Titre | Comment mieux sécuriser et protéger votre environnement Microsoft 365 How to Better Secure and Protect Your Microsoft 365 Environment |
| Texte | Microsoft 365 has become the de facto standard for email and collaboration for most global businesses. At the same time, email continues to be the most common attack vector for threat actors. And spam, phishing, malware, ransomware and business email compromise (BEC) attacks keep increasing in both their sophistication and impact. Verizon\'s 2023 Data Breach Investigations Report highlights the upward trend BEC attacks, noting that they have doubled over the past year and comprise 60% of social engineering incidents. While Microsoft 365 includes basic email hygiene capabilities with Exchange Online Protection (EOP), you need more capabilities to protect your business against these attacks. Microsoft offers Defender for Office 365 (MDO) as part of its security tool set to bolster security. And it\'s a good place to start, but it simply can\'t stop today\'s most sophisticated email threats. That\'s why analysts suggest you augment native Microsoft 365 security to protect against advanced threats, like BEC and payload-less attacks such as TOAD (telephone-oriented attack delivery). “Supplement the native capabilities of your existing cloud email solutions with third-party security solutions to provide phishing protection for collaboration tools and to address both mobile- and BEC-type phishing scenarios.” Source: 2023 Gartner Market Guide for Email Security The rise of cloud-based email security solutions Email threats are nothing new. For years now, secure email gateways (SEG) have been the go-to solution to stop them. They filter spam, phishing emails and malware before they can get to users\' inboxes. But with more businesses adopting cloud-based email platforms-particularly Microsoft 365-alternative email security solutions have appeared on the market. Gartner calls them integrated cloud email security (ICES); Forrester refers to them as cloud-native API-enabled email security (CAPES). These solutions leave the basic email hygiene and handling of email traffic to Microsoft. Then, they examine the emails that are allowed through. Essentially, they identify threats that have slipped past Microsoft\'s defenses. The main advantage of ICES and CAPES is their ease of deployment and evaluation. They simply require a set of permissions to the Microsoft 365 installation, and they can start detecting threats right away. It\'s easy to remove these solutions, too, making it simple and straightforward to evaluate them. Two deployment models: the good and the bad When you\'re augmenting Microsoft 365 email security, you have several options for deployment. There\'s the post-delivery, API-based approach, which is used by ICES and CAPEs. And there\'s the pre-delivery, MX-based approach used by SEGs. Post-delivery deployment (API-based model) In this scenario, Microsoft provides an API to allow third-party vendors to receive a notification when a new email is delivered to a user\'s mailbox. Then, they process the message with their platform. If a threat is found, it can be deleted or moved to a different folder, like quarantine or junk. However, this approach presents a risk. Because a message is initially delivered to the mailbox, a user still has a chance to click on it until the threat is retracted. Emails must be processed fast or hidden altogether while the solution scans the message for threats. Analyzing attachments for malware or running them through a sandbox is time-consuming, especially for large or complex attachments. There are also limits on how many alerts from Microsoft 365 that cloud-based email security solutions can receive. Pre-delivery deployment (MX-based model) This approach is useful for businesses that want to detect and prevent email threats before they reach their users\' inboxes. As the name suggests, email is processed before it is delivered to a user\'s inbox. To enable this model, an organization\'s DNS email exchange (MX) record must be configured to a mail server. The MX record indicates how email messages should be routed in |
| Envoyé | Oui |
| Condensat | 000 100 2023 230 365 365: 365 ability about access accordance account accurately across actors address adopting advanced advantage against alerts all allow allowed allows also alternative altogether analysis analysts analyze analyzing another api appeared applied approach are around arrival attachment attachments attack attacks augment augmenting automated awareness away bad based basic bec because become been before benefit best better block blocking bolster both brand breach breaches bullet business businesses but calls can can: capabilities capes cases chance choice choose click clicks cloud collaboration combination common complete complex comprehensive comprise compromise configuration configured consuming continues contrast critical cyber data deemed deeper deeply defender defenses deleted delivered delivery deploy deployment detect detecting detections different dmarc dns doubled downside during ease easy efficient email emails enable enabled engineering enhance entire environment environments eop especially essentially evaluate evaluation examine exchange existing external facto fall fast features file fill filter final five flexibility flexible folder formats forrester fortune found frequently from gaps gartner gateways get global good graymail growing guide handling happen has have help helps here hidden highlights how however hygiene ices identify impact importance inbox inboxes incidents includes incoming increasing indicates initially inline+api inspection installation integrated internal investigations its junk keep large late layer learn leave less like limits mail mailbox main make making malicious malware many market matched mdo mean message messages microsoft minute minutes mobile model models: modern more most moved moving multilayered must name narrow native nearly need needs neither new nothing notification noting now occur offer offers office once one online operations option options organization organizations organization oriented other over part particularly party passes past payload permissions phishing place platform platforms plus post pre presents prevent prey process processed processing proofpoint protect protecting protection protocol protocols provide provides quarantine ransomware rapidly reach receive receives record refers remediation removal remove replies report require requires retracted rewriting right rise risk robust routed running safe same sandbox sandboxing scanning scans scenario scenarios secure security security seg segs server set seven several should silver simple simply slipped smtp social solution solutions solutions sophisticated sophistication source: spam standard start stop stopped stops straightforward such suggest suggests suppliers supports telemetry telephone than that them then there these they third threat threats through time timeframes toad today together together: too tool tools traffic trained transfer trend trust two type underscore understanding until upward url use used useful user users vector vendors visibility vulnerable want when where which why will within without wonder words working works world worlds worlds year years you your emails verizon “supplement |
| Tags | Ransomware Data Breach Malware Tool Threat Prediction Cloud |
| Stories | |
| Notes | ★★★ |
| Move | 
|
L'article ne semble pas avoir été repris aprés sa publication.
L'article ne semble pas avoir été repris sur un précédent.