Protecting O365 and G Suite Email—A Layered Approach 

It’s no secret that technology giants Microsoft and Google have the biggest market share globally in terms of their office suite technology. According to Datanyze, in 2018 G Suite took the lead with 61.91% market share while Microsoft Office 365 had 38.06% globally. In terms of enterprises deploying cloud apps, Microsoft Office 365 seems to be the leader, with 56.3% adoption in 2018. 

Adoption rates continue to grow as more and more businesses choose to use these cloud-based solutions as the center point of their business systems. Indeed, 2018 saw an all-time high of 81% global cloud adoption, according to Bitglass. Using cloud apps is becoming standard practice due to simplicity, predictable costs, and ease of collaborating across multiple offices and locations—resulting in stronger connections, as well as increasingly collaborative and productive environments. 

Regrettably, many businesses don’t consider their security strategy when moving their infrastructure, including email, to the cloud. Most assume security is built into all cloud services across the board. This creates opportunity for cybercriminals to infiltrate organizations and launch cyberattacks. 

The dangers of a single line of defense

However, there’s no guarantee that any one vendor is completely secure. Though companies like Microsoft and Google have taken significant steps to actively protect their apps and infrastructure, there are still inherent vulnerabilities for businesses relying wholly on a single line of defense. Protection against data leakage, theft of user credentials, rapid increase in the amount of malware and ransomware, and failure to comply with regulations remain the responsibility of IT teams. 

Email continues to be one of the most popular attack vectors. An astonishing 91% of attacks begin with a spear phishing email. Research by Statista found that 66% of MSPs indicated the most common cause of ransomware infection they saw was phishing attacks. This clearly shows that when moving to large email collaboration tools, security challenges and risk should not be disregarded. Instead, the entire ecosystem should be taken into consideration. 

How do you reduce your risks? Security experts recommend a defense-in-depth or layered approach, where multiple security countermeasures are implemented to protect against cyberattacks. Taking it a step further, tools and solutions implemented should give you good visibility and monitoring capabilities over your data. In many instances, organizations deploy multiple tools and solutions that don’t integrate with one another, creating holes in their defense-in-depth strategy. 

Minimizing risk is just one part of the security blanket

Adding a strong email security solution can help reduce the risk of cyberthreats like phishing attacks and protect against loss of critical data. Continuity is also critical to support business and employee productivity during email server outages and downtime, and is an important part of a layered security approach. This prevents users having to wait for a fix, costing time and potentially business. On top of this, you need to have visibility and control over email flow so users can see quarantined email and give better insight to system admins and security teams within organizations, helping them to identify possible hackers and deploy countermeasures. 

How can SolarWinds Mail Assure help?

SolarWinds Mail Assure helps safeguards email via collective intelligence that incorporates data from its user base to help prevent both known and emerging threats. Protection against threats, support for business continuity, and email archiving enhance users’ email experience, so they can focus on their core business activities. The solution is compatible with a wide range email services, including Microsoft 365 Email Archiving, Exchange, and G Suite, and adds an additional layer of security. 

This is only one part of your defense-in-depth security strategy. It is critical to implement a security blanket for all apps and services within your organization—like robust endpoint security that directly secures end users’ devices, a healthy backup system to help protect data and provide easy recovery from ransomware attacks or natural disasters, and security policies that include the use of one-time passwords, to name a few. 

Don’t take your security strategy for granted. It is well worth investing in resources to assist with your security operations.

Additional reading

• The Email Security Education Series: Trending Email Security Threats   
• The Email Security Education Series: The Basics
• 4 Steps to Using Email Security to Help Increase Revenue 
• The Email Security War Against Office 365 Attacks

Mia Thompson is product marketing manager, Mail Assure, at SolarWinds MSP.

The SolarWinds and SolarWinds MSP trademarks, service marks, and logos are the exclusive property of SolarWinds MSP Canada ULC, SolarWinds MSP UK Ltd. or its affiliates. All other trademarks are the property of their respective owners.