.For example, phishing incidents rose 220% during the height of the global pandemic compared to the yearly average. And, as of October 2020, 60% of respondents surveyed by the Ponemon Institute experienced cyberattacks during the pandemic, with 51% saying that malware or exploits managed to get past their security defenses.
When it comes to Microsoft 365 (M365), there are some startling statistics that clearly demonstrate why M365 email security and protection is important.
⦁ 85% of organizations using Microsoft 365 have had an email data breach in the last 12 months.
⦁ Organizations using Microsoft 365 have seen a 67% increase in data leaks via email since March 2020 – compared to just 32% of the businesses who don’t use it
⦁ With 60% of data breaches attributed to poor patch management, there were 1,220 new CVEs across Microsoft products in 2020 in the common vulnerability and exposures (CVEs) database.
Gartner recently concluded that “COVID-19 saw a significant shift to working remotely, which continued to fuel the adoption of cloud office systems and the use of other collaboration tools beyond email. These are likely to become an additional attack vector.”
“Despite the growth in more targeted attacks through other vectors, email is still the most common channel for opportunistic and targeted attacks, as well as a significant source of data loss.” - Gartner 2020 Market Guide for Email Security
Is email security necessary for your clients?
Cybercriminals use email as a primary attack vector to steal data, make money, and/or harm the attacked environment. They do this by stealing sensitive and/or personal information through various social engineering techniques, or malicious links and attachments.
Any organization that manages and stores sensitive information or personally identifiable information (PII) must take even stricter measures to protect and secure this information. If sensitive data ends up in the hands of unauthorized parties, it can lead to severe financial and reputational damage and litigations if non-compliant with regulatory requirements.
Loss of your intellectual property (IP) – Many of your clients manage and store extremely sensitive business data that differentiates their company, products, and services. These include financial, customer, R&D information, brand and trade secrets, patents, formulas, recipes, designs, software code, search algorithms, etc.
Non-compliance with regulatory requirements – Many of your clients maintain a wealth of information about their customers and prospects, whether it be PII, PCI (card information), or Protected Health Information (PHI). In these cases, your clients are also subject to regulatory requirements – such as the EU General Data Protection Regulation (GDPR), California Consumer Privacy Act (CCPA), Payment Card Industry Data Security Standard (PCI DSS), and Health Insurance Portability and Accountability Act (HIPAA).
Brand damage – A data leak can require a business to compensate affected customers and/or in the worst case, customers may choose NOT to do business with you, which can impact your brand reputation and ultimately your future revenues.
Is M365 Secure?
Depending on the selected plan, M365 provides some essential security functionalities, such as:
⦁ Microsoft Defender 365, part of Microsoft’s Extended Detection and Response (XDR) provides protection, detection, investigation, and response to email, collaboration, identity, and device threats in a central portal.
⦁ Exchange Online Protection (EOP) provides anti-malware and anti-spam filtering for mailboxes.
⦁ Microsoft Defender for Office 365 provides a set of prevention, detection, investigation and hunting features to protect email and Office 365 resources.
⦁ Microsoft Defender for Endpoint provides preventative protection, post-breach detection, automated investigation, and response for devices in your clients’ organizations.
⦁ Azure Information Protection lets you discover, classify, label, and protect your clients’ sensitive documents and emails via security policies.
⦁ Microsoft Defender for Identity is a cloud-based security solution that leverages on-premises Active Directory signals to identify, detect, and investigate advanced threats, compromised identities, and malicious insider actions directed at your clients.
⦁ With Microsoft Cloud App Security, you can identify and combat cyberthreats across your clients’ cloud services with a cloud access security broker (CASB) that provides multifunction visibility, control over data travel, and sophisticated analytics.
⦁ With Advanced eDiscovery and advanced audit, you can assess your clients’ compliance status and respond to legal and regulatory requirements.
To prevent email data loss, Microsoft has incorporated its own data loss prevention (DLP) rules into Microsoft 365, but these rules are not enough to keep your data secure and protected, especially when targeted by cyberattacks.
Microsoft provides essential email security functionalities via Microsoft Defender for Office 365 and Exchange Online Protection. However, it doesn’t ensure protection against all modern threats targeting email. For example, Microsoft 365’s native defenses only provide limited protection against malicious content – such as an embedded malicious Word or Excel file – hidden within a seemingly clean PDF. Furthermore, Microsoft 365 doesn’t provide long-term retention or point-in-time restore; a feature that clients need after successful attacks.
Moreover, with M365, service providers are limited to only providing patch management support for Microsoft applications. While third-party applications can be patched through Microsoft System Center Configuration Manager (SCCM), the process is complex as it requires managing multiple solutions. At the same time, SCCM supports a limited number of third-party applications and requires they be installed on-premises.
This is the main reason why Microsoft 365 is not designed for the needs of MSPs. Even though Microsoft 365 can be used by MSPs to build services, you need to enable and manage different protection services using different tools. This significantly increases the management burden and complexity and requires more resources than most MSPs have. Moreover, Microsoft lacks some key service-provider-oriented capabilities, such as integrations with remote monitoring and management (RMM) and professional service automation (PSA) tools, reseller management, white labeling, and easy up-sell/cross-sell of different solutions that impact business profitability, productivity, and operational efficiency.
Does your client need a backup and recovery solution for their email?
The short answer is yes! Microsoft 365 only replicates data across its data centers, which provides data availability, but it provides limited protection against data loss. For example, if your client’s user accidentally deletes a mailbox or email, or a cybercriminal maliciously deletes your client’s data, they may have lost that data for good. When your customer deletes an item from a mailbox, it stays in the “deleted items” folder for only a short period of time before being completely removed. Once a message, contact, or attachment is removed from Office 365, it is forever lost unless there is a point-in-time backup of that data.
Microsoft also recommends that each of its clients back up their data. Within the service agreement, it states, “you understand that data can be inadvertently lost, corrupted or breached, and agree that you are wholly responsible for the backup of any and all data, software, information or other files stored on your device, including all disks and drives, or other associated devices…”
How does Acronis Cyber Protect Cloud Advanced Email Security build on top of M365?
Acronis Cyber Protect Cloud is the industry’s only solution that natively integrates cybersecurity, data protection, and protection management to protect data, applications, and systems. The unique integration eliminates complexity so service providers can protect customers better while keeping costs down. You can enhance your backup service with essential cyber protection at cost and increase your profitability with essential cyber protection functionalities that cover all endpoints.
Powered by the industry-leading solution from Perception Point, Acronis’ Advanced Email Security pack for Acronis Cyber Protect Cloud enables service providers to enhance and extend their cybersecurity capabilities by detecting and stopping all email-borne cyberthreats before they can reach their clients’ end users. In an evaluation by SE Labs Independent Testing, Perception Point was ranked #1 for its highest detection rate (96%), coupled with a 0% false-positive rate, greatly surpassing other competitors and Microsoft 365’s native defenses.
When compared with Microsoft Defender 365, Advanced Email Security detection speeds are less than 30 seconds. This allows MSPs to prevent threats before they reach their clients’ mailboxes, instead of reacting to threats and catching them minutes after they are delivered to clients or alternatively, scanning just a fraction of the traffic, increasing clients’ risk. Acronis’ unique anti-evasion engine detects malicious hidden content by recursively unpacking the content into smaller units (files and URLs), which are then dynamically checked by multiple engines in under 30 seconds.
Advanced Email Security’s detection accuracy was rated “best-in-class” where M365 was rated below average. And even though M365 has built-in protection against email-borne threats, 80% of breaches are new or unknown “zero-day attacks” that can bypass M365’s traditional defenses. Acronis covers more threats, including zero-day attacks and advanced persistent threats (APTs). Advanced Email Security also enables MSPs to provide incident response services at no additional cost. These services act as an extension of your service delivery and security teams that monitor all customer traffic, analyze malicious intents, and provide ongoing reporting and support, including engine optimization, handling false positives, and maintaining the decision mechanisms.
Acronis Cyber Protect Cloud all-In-one solution
Acronis Cyber Protect Cloud provides other advantages when compared to M365.
⦁ Unified portal – Service providers can deliver and manage all cyber protection services though an easy-to-use, unified portal for all workloads, eliminating the burden of juggling multiple point solutions.
⦁ MSP enablement – Acronis Cyber Protect Cloud is specifically designed for MPSs, providing capabilities such as integration with RMM and PSA tools, hosting control panels, billing systems and marketplace providers, reseller management, white labeling, and a platform that allows easy service tiering to unlock up-sell/cross-sell opportunities that impact business profitability, productivity, and operational efficiency.
⦁ Recovery from cyberattacks – In the event of an attack, Acronis enables service providers to quickly restore Microsoft 365 data and clients’ systems to a working state using the best-of-breed backup and recovery services. Moreover, it protects backed up data – a target of new cyberattacks – and eliminates the risk of threat reoccurrence with anti-malware scans of Acronis Cloud backup data. No other competitive solution delivers this capability.
Because most companies need more protection than just a “deleted items” folder, there is an opportunity for service providers to attach backup and off-site email archiving to their Office 365 sales and increase company revenues. With the scalability and data protection capabilities of Acronis Cyber Protect Cloud, you can easily back up all your customers’ mailbox data to ensure they have complete protection of their Office 365 mailboxes and enjoy peace of mind knowing their data is safe.
⦁ Endpoint protection at no cost – Acronis Cyber Protect Cloud includes next-generation anti-malware and anti-ransomware at no cost. This ensures essential protection across clients’ endpoints and complements other security layers. You are only charged for backup and file sync and share storage consumption.
⦁ Patch management – Using Acronis’ user interface (UI), you can minimize security gaps across your clients’ infrastructure and improve your clients’ productivity with automatic patch management for Microsoft products and more than 230 third-party applications on Windows. Moreover, you can eliminate the risk of client technical issues due to failed patches with automatic backup of systems, data, and endpoints before applying patches.
To enhance your services and ensure the security and protection of your client’s systems and data, Acronis offers additional advanced packs including:
Advanced Backup supports a wider scope of features with continuous protection of data, validation of backed-up data, and visibility into the protection status of assets across your clients’ IT infrastructure.
Advanced Security provides full-stack anti-malware to replace ineffective, legacy antivirus with integrated cyber protection to stop more cyberthreats for clients with fewer resources.
Advanced Management enables automated patch management and easy work planning to reduce your administrative burden.
Advanced Disaster Recovery protects your clients’ systems, data, applications, and endpoints when disaster strikes by instantly spinning up systems with cloud-based recovery and restoring them anywhere
To ensure that your clients’ systems, data, and endpoints are protected, consider using Acronis Cyber Protect cloud for backup, advanced email, anti-malware, and patch management services.
Acronis is a Swiss company, founded in Singapore. Celebrating two decades of innovation, Acronis has more than 2,000 employees in 45 locations. Acronis Cyber Protect solution is available in 26 languages in over 150 countries and is used by 20,000 service providers to protect over 750,000 businesses.