Many companies have migrated their email management to Office 365. Microsoft’s cloud-based service provides a convenient and reassuring platform. Yet it does not fully meet the needs of businesses in terms of threats related to unwanted emails or retention compliance.
Office 365 allows businesses to manage their email in a simple way. This is not the only option for businesses that rather leave their emails in the cloud than hosting them on a local server. Microsoft’s credibility, the robustness of its infrastructure, and the integration with Office Suite software make its email solution a popular choice for many small and medium businesses.
To help them manage spam and harmful emails, Office 365 includes several specific features. Its professional users can thus:
Filter incoming connections, by checking the reputation of an external sender, from its IP address, before letting the messages it sends to the company;
Filter outgoing mail, to prevent an employee’s computer, under the influence of malicious software, from sending spam without even being reported by the employee;
Put in place rules to manage e-mail transfer flows. These rules can be used to:
- validate the origin of a message, verifying that the IP address of its sender belongs to the one who claims to have sent the message;
- add an electronic signature to the messages that are sent to guarantee their authenticity.
These functions are useful and allow to offer a first layer of protection. However, they remain poorly adapted to local realities. Office 365 is not successful in overcoming the challenges of protecting against email threats. Here are three:
Short duration of email retention
When a message is deleted, Office 365 will only keep it for the next 30 days. However, in many industries, regulations require companies to keep all emails for much longer – up to seven years or more depending on the industry. In case of commercial dispute, no longer having access to old messages can become a serious weakness. Especially since an erased message is not always for good reasons: the user may have deleted it by mistake, or because he misjudged its importance.
Inadaptation of the filters to the specificities of the language
Antispam filters are often based on English. Some French expressions or words, some of which are more used in Quebec, which should be filtered, may not be screened.
Poor protection against phishing and ransomware
Phishing is often used by crooks to obtain access codes to confidential accounts – bank accounts, among others. Ransomware can block access to critical business data – and thus paralyze business – until ransom is paid. Although Office 365 filters some threats, its primary purpose is quite different. It is imperative to protect yourself properly.
To overcome these weaknesses and some others, companies should consider a subscription to a turnkey service, affordable and meeting all the requirements mentioned above. GTI offers a service that complements the Office 365 solution perfectly and guarantees businesses that they will no longer take unnecessary risk in managing their e-mails.
With over 25 years of experience in the world of information technology, GTI offers outsourcing, technology consulting and cyber security services designed to meet the needs of SMEs. Contact us.