Sponsored by Mimecast - Conversational Geek · • Office Graph: Uses machine-learning techniques...

SponsoredbyMimecast

Mimecastmakesbusinessemailanddatasaferfortensofthousandsoforganizationsandmillionsofemployees.Foundedin2003,the

company’snext-generationcloud-basedsecurity,archivingandcontinuityservicesprotectemail,

anddelivercomprehensiveemailriskmanagementinasingle,fully-integrated

subscriptionservice.

www.mimecast.com

ConversationalOffice365RiskMitigation

ByJ.PeterBruzzese

©2017ConversationalGeek

ConversationalOffice365RiskMitigationPublishedbyConversationalGeek®Inc.

www.conversationalgeek.com

Allrightsreserved.Nopartofthisbookshallbereproduced,storedinaretrievalsystem,ortransmittedbyanymeans,electronic,mechanical,photocopying,recording,orotherwise,withoutwrittenpermissionfromthepublisher.Nopatentliabilityisassumedwithrespecttotheuseoftheinformationcontainedherein.Althougheveryprecautionhasbeentakeninthepreparationofthisbook,thepublisherandauthorassumenoresponsibilityforerrorsoromissions.Norisanyliabilityassumedfordamagesresultingfromtheuseoftheinformationcontainedherein.

TrademarksConversationalGeek,theConversationalGeeklogoandJ.theGeekaretrademarksofConversationalGeek®.Alltermsmentionedinthisbookthatareknowntobetrademarksorservicemarkshavebeenappropriatelycapitalized.Wecannotattesttotheaccuracyofthisinformation.Useofaterminthisbookshouldnotberegardedasaffectingthevalidityofanytrademarkorservicemark.

WarningandDisclaimerEveryefforthasbeenmadetomakethisbookascompleteandasaccurateaspossible,butnowarrantyorfitnessisimplied.Theinformationprovidedisonan“asis”basis.Theauthorandthepublishershallhaveneitherliabilitynorresponsibilitytoanypersonorentitywithrespecttoanylossordamagesarisingfromtheinformationcontainedinthisbookorprogramsaccompanyingit.

AdditionalInformationForgeneralinformationonourotherproductsandservices,orhowtocreateacustomConversationalGeekbookforyourbusinessororganization,pleasevisitourwebsiteatConversationalGeek.com

PublisherAcknowledgments

Allofthefolksresponsibleforthecreationofthisguide:

Author: J.PeterBruzzese

ProjectEditor: NickCavalancia

CopyEditor: JohnRugh

ContentReviewer: DavidHood

NotefromtheAuthor

Greetings!

Youmayfindthishardtobelieve,consideringthefactthatI’manOfficeServersandServicesMVP,buttherewasatimewhenIcampaignedadamantlyagainstgoing‘cloud’foryourenterprisegradeserverservices.Ifeltthecloudjustwasn’tready.Myfear,uncertaintyanddoubt(theFUD)wereoffthecharts!Nothingcouldchangemymind.AndthenIchangedmymind.

IstartedtoseethecompaniesIconsultwithseriouslyconsideringthemovetothecloud.CIOsweremandatingthemove,andITadminswerestucktryingtofigureouthowtomakeithappenandhowtopreparefortheworst.Imadethedecisiontogo‘allin’andimmersemyselfinOffice365inordertobeabletoassistmyclientstoagreaterdegree.Andinallhonesty,Ifellinlovewithit.

Afternearly2decades(ascore,ifyouwill)ofExchangeon-premisesfocus,Ifounditsomucheasiertoletothersworryaboutthehardware,upgrades,availabilityandsoforth.Thesideservices(ahem…Yammer)don’tenticeme,butfewareswitchingtoOffice365forthesideservices.E-mailiswhattheyreallywant.

However,Idiscoveredthereweresomegaps.AreasofconcernIhadtomitigate.RisksIdidn’twanttojusthopeandpraywouldn’thurtme.Iisolatedthoserisks…andfoundwaystomitigatethem.ThisbookwilltellyouwhatIdiscovered.

J.PeterBruzzese

The“Conversational”Method

Wehavetwoobjectiveswhenwecreatea“Conversational”book:First,tomakesureit’swritteninaconversationaltonesoit’sfunandeasytoread.Second,tomakesureyou,thereader,canimmediatelytakewhatyoureadandincludeitinyourownconversations(personalorbusiness-focused)withconfidence.

Thesebooksaremeanttoincreaseyourunderstandingofthesubject.Terminology,conceptualideas,trendsinthemarket,andevenfringesubjectmatterarebroughttogethertoensureyoucanengageyourcustomer,team,co-worker,friendandeventheknow-it-allBestBuygeekonalevelplayingfield.

“GeekintheMirror”Boxes

Weinfusehumorintoourbooksthroughbothcartoonsandlightbanterfromtheauthor.Whenyouseeoneoftheseboxes,it’stheauthorsteppingoutsidethedialogtospeakdirectlytoyou.Itmightbeananecdote,itmightbeapersonalexperienceorgutreactionandanalysis,itmightjustbeasarcasticquip,butthese“geekinthemirror”boxesarenottobeskipped.

Greetings.TheycallmeJ.WithintheseboxesIcansharejustaboutanythingonthe

subjectathand.Read’em!

Office365(101)forITProfessionals

WhatisOffice365?Therearetwoanswerstothisquestion,onefortheend-user,thosefolkswhousetheservicesprovidedbyOffice365,andonefortheITprofessionalsanddecisionmakerswithinacompany.Thismini-bookfocusesontheITPro,sowewillanswerthequestionfromthatperspective.

Office365isMicrosoft’scloudsuiteofcollaboration,communicationandproductivitytools.Inlate2015theOfficeBlogcalledit“oneofthefastestgrowingbusinessinMicrosoft’slonghistoryofprovidinginnovativetechnologyproducts”.

TheinstallbaseforOffice365isgrowingrapidly.OnApril27th,2017MicrosoftCEOSatyaNadellasaidtherearemorethan100millionmonthlyactiveusers.Andtheyaregaining2.5millionmorepermonth.Asfastasit’sgrowing,therearestillmanywhodon’treallyknowwhatitis.Intruth,thenameisabitconfusing.It’sgoodtonotethatitspredecessorhadanevenworsename:BusinessProductivityOnlineSuite(orBPOSforshort).

Office365wasinitiallyreleasedJune28th,2011(sixyearsago)andyetmanyarestill

unsureaboutwhatitis.

ThereasonOffice365isconfusingisbecausemanyfolksthinkitisreferringtothenextflavorofOffice,andtoadegreetheyarecorrect(I’llexplainthat).ButtheprimaryofferingisactuallyMicrosoft’shosted(akaonlineinthe“cloud”)versionsofExchange(ExchangeOnline),SharePointandSkypeforBusiness(aswellasavarietyofothertools,dependingontheplanchosen).

Let’sbreakdownwhatOffice365isallabout.

Office365ServicesOneofthemostcompellingservicesforOffice365istheabilitytohavehostedmailboxeshandledbyMicrosoftintheirdatacenters.Fromasimplisticpointofviewthedifferencebetweenyourmailboxbeingon-premisesorinthe“cloud”isthatyoucankicktheserveron-premises,butifyoufindthelocationofyourdatacenterandmakeyourwaytoitandtrytokickaserveryouwillbetakendownbysecuritybeforeyougetwithin100feetoftheperimeter.Andifyoudidmanagetosneakin,thereisnowayyouwouldeverfindtheserverwithyourmailbox.Ever.

So,arewesayingthatOffice365isjustanemailsolutionofferedbyMicrosoft?Thatisoneofitsmanyfeatures(andaprimaryoneatthat).Microsoftwantsyoutotrustthemwithyourmailboxes.Isitfree?LikeGmail?Well,Gmailisfreetoindividuals,andMicrosoftLiveaccountsincludeOutlook.comemailmailboxesthatarefreetoindividualstoo.ButOffice365isasubscriptionserviceandtheofferingsgobeyondjustemail.

Office365isasuiteofservicesthatincludeemail,collaborationthroughSharePointsites,onlineconferencing/IM/presence,filestorageandsharingthroughOneDriveforBusiness,chat-basedworkspacecollaborationthroughMicrosoftTeams,enterprisesocialnetworkingthroughEnterpriseYammer,OfficeOnline,desktopversionsofOffice(includingWord,Excel,PowerPoint,Outlook,Notepad,Access,PublisherandSkypeforBusiness)andahostofotherservicesdependingontheplanyouchoose.

MicrosoftTeams

ThedesktopversionsofOfficeareincludedaboveaspartofasubscriptionplansothatratherthanpurchasingafulllicenseforOfficeforseveralhundreddollarsyoucanpurchaseasubscription-basedOffice(whichisnowOffice2016atthe

base)thatyoupayformonthly.Samesolution,differentpaystructure.

ABreakdownofServices

• ExchangeOnline:Allowsyoutohavebusiness-classmailboxesforyourcompanyhandledbyMicrosoft.Microsoftprovidesdataredundancy(multiplepassivecopies),basicsecurity,etc.…

• SharePointOnline:Allowsyourcompanytosharedocumentsandcollaboratethroughworkflowtools.

• SkypeforBusiness:ProvidesIMandpresencecapabilities,aswellasonlinemeetingtools(audio/videoconferencingandscreen/applicationsharing).Note:TheE5planincludesPSTNconferencingandPSTNcallingfeatures.

• OneDriveforBusiness:Cloudstoragetostore,sync,shareandcollaborateusinganydevice.Ifyou’veusedDropbox,it’stheO365equivalent.

• MicrosoftTeams:Offersachat-basedworkspacewhereinternalteamscanmeet.Itincludesnotesandattachments.Ifyou’veseenorworkedwithSlack,thisisMicrosoft’scompetitiveversion(althoughunlikeSlack,currentlyyoucannotallowpersonsoutsidetheorganizationtoparticipateonaTeam(yet)).

• Yammer:Abusiness-basedsocialnetworkingtoolforpeopleinyourcompany.Thinkofitlikein-houseFacebook(whichmaymakeyousmileorcringedependingonyourcompanycultureand/orposition).Youcanpostmessages,pictures,documents,etc…andcommunicateandcollaboratewithcolleaguesthroughYammer.

• MobileApps:ThereareavarietyofdifferentmobileappstohelpyouworkwithyourOffice365solutionincludingOfficeforiPad,OfficeMobile(alreadyinstalledonyourWindowsphonesandavailableforiPhoneandAndroidmodels),OutlookMobile,SkypeforBusinessMobile(alsoavailableforWindowsphones,iPhone/iPadandAndroid),OneDriveappandmore.

NewTools/FeatureCadenceMicrosoftisalwaysreleasingeithernewservicesornew/improvedfeaturestoexistingservices.It’soneofthebenefitstohavingservicesinthecloud.Thereleasecadenceisincredible(andhardtokeepupwithattimes).Itfeelslikesomethingnewisreleaseddaily.

Past“new”toolsandfeaturesincludethefollowing:

• OfficeGraph:Usesmachine-learningtechniquestoconnectyoutowhatitdeterminestoberelevantdocuments,conversations,andpeople.Itwatcheswhatyoudo,whatinterestsyou,andwhatyoutreatasimportant,toprovideapersonalizedexperiencearoundyourworkflow.

• Delve:workswithOfficeGraphtocreateaPinterest-liketrendingviewbasedonwhatyou'reworkingon.Itistailoredtoyoupersonally.

• Office365Video:Providestheabilitytouploadvideocontenttoyourcompanyportalsothatyoucansharethiskindofcontentquicklyandsecurely.

• Clutter:Weallreceiveemailwemayhavesignedupfor(suchasanewsletter);thatemailisnotjunk,butyouprobablydon'tconsideritveryimportant.ClutterusestheintelligenceofOfficeGraphtoseehowimportant(orunimportant)emailistoyou.Itlearnsovertimeyour

levelsofimportance,thenusesthatanalysistoseparatetheclutterfromotherinboxitems.

Newer“new”toolsandfeaturesincludethefollowing:

• MicrosoftPlanner:Helpsyouorganizeteamworkbetterbyallowingyoutocreatenewplans,organizeandassigntasks,sharefiles,chatandmore.

MicrosoftPlanner

• SecureStore:ComparesyourcurrentO365servicesandconfigurationstoabaselineassertedbyMicrosoftandthenencouragesadjustments.

• StaffHub:Enablesstaffworkersandtheirmanagerstomanagetime,communicatewiththeirteamsandsharecontent.

• Bookings:Atoolforsmallbusinessestoscheduleandmanageappointmentsfortheircustomers.

• Classroom:Manageallclassesandassignmentworkflowforteachersandstudents.

Thesearejustahandfuloftoolsandfeaturesthathavebeenreleased.Sway,PowerApps,Flowandmorearealso“new”andevolving.

AccessingYourToolsandFeaturesToseeandaccesstoolsandfeatures,youneedtologintothewebportalforOffice365andaccessthemthroughtheAppLauncher.Clickthe9tileiconinthetopleftofyourscreenpost-loginandyou’llbeshownalltheappsinyourAppLauncher.Note:DependingontheappsyouhaveavailableyoumayseemoreorfewerappsthanwhatIhavehere.

Office365AppLauncher

Office365:TheAdminPerspectiveAsmentioned,Office365isallaboutthehostedservicesyoucanobtainbychoosingapackagethatfitsyourneeds.Atthesametime,it’salsoaboutsubscriptionOffice(ifyoupickaplanthatincludestheOfficesuite).ThereareBusinessand

Enterprise(E1/3/5)planstochoosefrom.TherearealsooptionsforEducation,Government,NonprofitandHome(forpersonalplans).

Everyplanyouchoosehasabaseofservices,andifyouneedadditionalservicesnotinyourplan,youcaneitherchoosethenextplanuporaddservicesalacarte(solongasthatmakessensefinanciallywhencomparedtochoosingthenextplanup).

SeveralPlanOptions

Logically,theplanyouchoosewillhaveapricetagattached.Thiswilloftendrivethedecisiononwhichplanisbestforyou.Youwanttobecarefulthattheplanyouchooseincludesfeaturesyoudesire.Forexample,ifyougetaBusinessplan(asopposedtoanEnterpriseplan)youmaynothavesomeoftheregulatorycompliancefeaturesyouwouldliketohave(likepremiumjournaling).Youcanalwaysupgradeyourplanifyouneedto,butitwouldbebettertoknowupfrontwhatyourplansupports.Theseplansarenotjustbasedonnumberofseats,theyhaveenabled/disabledfeaturestoconsiderandsomeincludeOfficewhileothersdonot.

Icaneasilyaddnewuserstomyportal,pullupreports,andmore.It’seasyenoughfornon-adminstofigureoutbuthasin-depthadminconsolesthatseasonedITproswillappreciatetoo.Forexample,whenworkingwithspecificfeaturesofOffice365,likeExchangeOnline,Ihavetheabilitytoworkwithaweb-basedportalsolutionsimilartowhatIuseon-premises.

SofromanITadminperspective,it’sgreattonothavetolearnawholenewinterfacewhenworking.

Oftentimeswithhostedsolutionsitdoesn’tworkthatway.Yougetsomekindofproprietarytoolset(web-based)thatgivesyouverylimitedoptions.ButwithOffice365yougetaveryrobustadministrationexperience.Asclosetoon-premisesasyoucanhopeforwithahostedsolution,inmyopinion.

Inaddition,youcanestablisharemotePowerShellconnectiontoOffice365andperformmost(butnotall)tasksthroughthecommand-lineasyouwouldthroughtheShell.

Office365AdminCenter

TheOffice365TrustCenterMicrosoftknowsthatitishardtotrustsomeoneelsewiththelifebloodofyourcompany…data.Therehavebeensomescarybreachesinsecurityoverthepastfewyears,andithasfolksabitleerywithregardtousingthecloudforcorporatedata.

ToassistpeopleinlearningallthatMicrosoftisdoingtoearnandmaintainthattrusttheyhaveestablishedaTrustCenterforOffice365.ItfocusesonhowOffice365hasbeendesignedwithbuilt-insecurity,continuouscompliance,privacybydesign

andtransparentoperations(eachsubjectgettingitsowntabtodrilldownabitmoreonthesubject).

Note:TheOffice365TrustCenterURL:https://products.office.com/en/business/office-365-trust-center-cloud-computing-security

KeyplayersintheOffice365spacehavebeencreatingvideocontentforaseriescalled“Conversationsfrominsidethecloud”thatfocusesonkeysubjectslike“WhytrustOffice365?”withJuliaWhite(GeneralManagerforOffice365)andRajeshJha(CorporateVicePresident,OperationsandServicesEngineering).Anothergreatonetowatchis“Isyourdatasafeatrest?”withVivekSharma(PartnerGroupProgramManager,Office365Engineering)whichhassomecooldatacentersecuritypoints.

OneofthebenefitsoftheTrustCenteristhatyoucanusethiscontenttohelpdecisionmakerswithinyourorganizationfeelmorecomfortableaboutthemovetoOffice365.Youmaybeconvincedit’stherightmoveforyourorganization,butyoustillhavetoconvincethefolkswhowritethechecks,andthiskindofcontentisshort,tothepoint,andveryeffectiveindoingjustthat.

TheOffice365OnlineRoadmap(aka…FlightPlan)InterestedinseeingtheOffice365roadmapbutdon’thaveabehind-the-scenespresspasswithasignedNDAinplacetomakeithappen?Well,MicrosofthasanonlineroadmapforOffice365thatshowsclearlyallthefeatureslaunched,beingrolledout(butnotyetavailabletoall),indevelopment,cancelled(forthosefeaturesnolongerinthequeueorindefinitelydelayed)andpreviousreleases.

TheOffice365onlineroadmapmakesiteasytoseefeaturesataglance,soyoucaneasilykeepuptodatewithMicrosoft’s

cloud-basedsolutionforallthingscollaborationandcommunicationforyourenterprise.

Ifigure,sinceOffice365isacloudsolution,insteadofcallingitaroadmap,itshouldbe

calledaflightplan.Right?

Note:TheOffice365RoadmapURL:http://fasttrack.microsoft.com/roadmap

TheBigTakeawaysOffice365isMicrosoft’shostedsuiteofcommunicationandcollaborationsolutionsincludingExchangeOnline,SharePointOnline,SkypeforBusinessandseveralothertools/features,dependingontheplanyouchoose.

Thereareavarietyofplanstochoosefromwithdifferentfeaturesandpricetagsattached.Youneedtomakesuretheplanyouchooseisbestforyourneeds.

SomeplanscomewithasubscriptiontoOfficesouserscaninstallthelatestversionofOfficeapplications.OneofthevaluestoOffice365isthatallofthesolutions(theserver-sideonesandend-userones)arekeptuptodateandarethelatestavailableiterationsofthosesolutions.

MicrosoftisaggressivelydevelopingouttheOffice365platformandenhancingfurtherthefeaturesthatcurrentlyexist.Youcancheckthepublicfacingroadmap(akaflightplan…it’llcatchon)toseewhat’sindevelopmentforthefuture.YoucanalsokeepaneyeonOfficeblogs(http://blogs.office.com)toassistinstayingontopofnewfeaturesandfutureenhancements.

RiskMitigationandOffice365

AsImentionedinmynoteatthebeginning,IjumpedinwholeheartedlywithOffice365withExchangeOnlineandhaven’tlookedback.However,withon-premisesExchangetherewerealwaysgapsthatcausedmetoreachouttotheecosystemsetofsolutionsfromthirdpartiesthatsurroundExchangetoplugthosegaps.Asecurityappliance,abackupsolution,amonitoringpieceandsoon.IhavefoundExchangeOnlinetobesimilar,causingmetotakepauseandseekoutthirdpartysolutionstohelpmitigategapsandrisks.WhatIfindoddishowmanycompaniesaresimplyfoldingtheirhandsandsleepwalkingintoOffice365.

SleepwalkingintoOffice365Howmanyon-premisesdeploymentsofExchangehaveyoudoneovertheyears?HowmanyExchangeservershaveyoumanaged?Nowthinkaboutthis,whenhaveyoueverseenagreenfieldorlong-termdeploymentofExchangethatsimplyusedwhatExchangehadtoofferwithoutreachingouttowardecosystempartnerstoprovideimprovedservicestosurroundandsupportExchange?Toenhanceit.

Granted,maybewithSmallBusinessServerdeploymentsyoumighthavefolksjusttakingwhattheygetduetobudgetaryconcernspreventingthemfromdoingmore,butinmostdeploymentcasesyouseeExchangesurroundedbyabest-of-breedorbest-in-class(personalfavorite)backup/recoverysolution,monitoringsolution,securitysolution,archivingsolutionandsoforth.That’snormal.Sowhyisitwhenwemovetothecloud,andmovetoOffice365,wefoldourhandsandjustacceptwhatisprovidedorbuiltin?WhyarewesleepwalkingintoOffice365?

Solutionsarchitectsneedtore-inventthemselvesgoingforwardtobecomecloudriskmitigationexperts.Theyshouldn’tjustgiveup,thinking‘ohwell,it’sallinOffice365now,myjobisdead’.Theyneedtoembrace

theirnewplaceintheuniverse.

OntheonehandtherearethingsMicrosoftcandowithamulti-tenantcloud-basedversionofhostedExchangetheycouldn’tdowiththeon-premisesflavor.Becausetheyhavefullcontroloftheinfrastructure,theycanprovidehighavailabilityusing‘nativedataprotection’thatallowsformultiplepassive(andlagged)copiesofyourdatabasesacrossdatacenterstoprovideafantastichighavailabilityofferingthatwouldcostacompanytime/money/personneltoprovidein-

house.That’soneofthemanyreasonsIencouragefolkstomovetoOffice365.

Ontheotherhand,therearestillgapsintheservicesprovidedthatrequireathird-partysolution(aunique,all-in-onesolution)tohelpensurethetypeof1-to-1experienceyoutypicallyseeon-premisesduetothecombinationofExchangeandthird-partybolt-onenhancements.

FourKeyAreasforConcernWe’renotgoingtopickaparteverylittlethingaboutOffice365andExchangeOnline.Thereisnopointindoingthat.It’sagreatsolution,andpricedright.I’monlygoingtohittheriskareasthatmakepeoplenervousaboutOffice365.I’llexplainwhatisbuiltinandwhyathird-partybolt-onwouldbebettertoenhancetheoverallsolution.

Security

Exchangeon-premises(2013/2016)includesananti-malwaresolutionandanti-spamagents.Theseofferverybasicprotection,somostenterprisedeploymentsofExchangelooktoathirdpartyon-premisesapplianceorcloud-basedsolutiontoreallycoverthemselvesagainstallthebadstuff:spam,malware,phishing,spearphishing,whaling,impersonationattacks,ransomwareattacksandsoon.

Spearphishingisbecomingafocalpointforattackerslookingtobreachorganizations’defenses,anditisverytreacherous.It’s

targetedagainstaspecificcompany,andhasledtosomemajor,high-publicityhacks,

becausetherewerenosolutionsinplacetohelpdetectthespearphishingattack.

ExchangeOnlinecomeswithafreesolutioncalledExchangeOnlineProtection(EOP).It’senabledbydefaultandprovidesbasicanti-spam/malwareprotection.Doesitwork?Itdoes…andtheEOPdevteamisaggressivelyseekingtoimprovethesolution.However,thelastthingyouwantistogetpulledintoasecuritymonoculture.

Thetermmonocultureisdefinedasacommunityofcomputersthatallrunidenticalsoftwareandhavesimilarvulnerabilities.Office365mightbe

consideredaSaaSSecurityMonocultureifutilizedwithoutathird-partylayeredsecurity

solutionapproach.

On-premises,everycompanyhandlessecurityalittledifferently,withacombinationofvendorsinvolved,multiplelockstopickandeachcompanyitsowntarget.WithOffice365alltenantsaretogetherunderthesamesecuritycodebase,providingaverytargetrichenvironment.

DanGeer,ariskmanagementspecialistandcyber-securityexpert,hasrepeatedlypointedouttheproblemofasecuritymonoculture,especiallywithregardtoMicrosoft.HisprimaryfocuswasonthenumberofMicrosoftworkstationsconnectedtotheInternet.Butanevengreaterthreatistohaveamulti-tenantemailsolutionmonopoly(whichisinevitableatthispoint)withasinglesecuritysolutioncodebaseprotectingallthetenants.

Thinkoftheillustration“don’tputallyoureggsinonebasket”.Well,withOffice365you’reputtingallyoureggsandeveryoneelse’seggsallinonebigbasket.AmItheonlyonewhogetsnervousaboutthat?

EOPonitsowndoesn’tprotectagainstsomeoftherecentattacktypeswithweaponizedattachmentsandlinksthatmakeitthroughthefirstlineofdefenseandintoanend-user’smailbox.SoMicrosoftreleasedanewsolutioncalledAdvancedThreatProtection(ATP).ATPisincludedwithanE5plan,oryoucanpurchaseitasanaddonperuser.

Thethreatsthatkeepmeupatnightincludespearphishing,ransomwareand

impersonationattacks.AndinmyopinionbothEOPandATParen’tenoughtoallowme

tosleepeasy.Ineedmore.

AdvancedThreatProtection(ATP)

ATPofferstwonewprotectionfeaturescalledSafeAttachmentsandSafeLinks.Theconceptissimple.Twowaysthebadguysgettoyourendusers(besidestheeasy-to-spotspamandattachedknown-virusattachments)arewithattachments(thatmayappearsuspiciousbutaren’tKNOWNtobebad)andwithlinksthatleadtositesthatare“ok”whentheyfirstcomethrough,butmaybecomeharmfulontheback-endduetoatargetedspearphishingattack.

SafeAttachments:Safeattachmentsusesasandbox‘detonationchamber’toensuretheattachmentisharmless.Sandboxinghasitsplace,butithasafewholesintheuseofthetechnology.Forone,itcauseslatencyinyourreceivingofemails.Microsoftsaystheexpecteddelayis4or5minutesbutcanbeasmuchas30minutes(atwhichpointittimesout).Andthereismalwarethatknowswhenit’sinasandboxandremainsdormant.Inaddition,it’sessentialtohaveasandboxthatusestimeincrementation,meaningitcanforwardthetimetotrytoforcedetonationoftheattachment.It’sbelievedthattimeincrementationisnotpartoftheATPsandboxsolutionandMicrosoftprovidesnodetailstothwartthatbelief.Withouttimeincrementationallabadguyhastodoissetthe

documenttodetonateoutsidetheSLAlimit.Ifyou’relikeme,youdon’topenadocumentandquicklycloseit.Youleaveitopen…forhours,days…weeks.

SafeLinks:Atthetimetheuserclicksthelink(whichhasalreadybeenclearedbyyourfirstlineofdefenseandissittinginyourusers’mailbox)theURLispointingtoamalicioussite.Thesafelinksfeaturewillcomparethelinktoablocklistcorrespondingtothetimeyouclickthelink(whichcouldbethenextday,week,monthforanend-user).Theycallthis‘time-of-click’protection.However,thesafelinksfeaturejustchecksagainstacontinuouslyupdatedblocklist.Nothingdynamichappenstoreachoutandreallyseeifthatlinkgoestoasitethathassomethingharmfulrunninginthebackground.It’sstillagoodenhancement,it’sjustnotagreatenhancement.Notwhenyouhavethird-partysolutionsthatcanscanthesiteandlookforthreats.

Ibelieveindefense-in-depthandthewisdomofalayeredsecurityapproach.Multiplechuteswhenyoujumpoutofaplane.Ipromoteend-pointprotection,DNSlevel

protection,userbehavioranalytics,etc.AndI’mahugeproponentofathird-partycloud-basedsecuritygatewaywithExchange/Office

365.

Longstoryshort,ExchangeOnlineProtection(withorwithouttheAdvancedThreatProtectionpiece)islacking.Andit’slackingnotjustduetoafeaturecomparisonwiththird-partyoptions,becauseovertimethegapinfeatureswillclose.MicrosoftwilleventuallygetEOPuptoparwiththebestofthebestinsecurityoptions.BUT…itwillstillbeasinglelocktopick,asecuritymonoculture,andthatiswhereasecondarybolt-onsolutionshouldbeseriouslyconsidered.Don’tjusthopeyou’resafe,knowyou’resafe.PLANtobesafe.

LowHangingFruit(MXToolbox)

Imagineyou’reathieflookingtorobahomeandyou’relookingattwobigbeautifulhouses.Thefirstsitsonawide-openpropertywithnogates,nosecuritysystemsigns,no“BewareofDog”or“BewareofOwner”signs,reallynothingtoindicateprotection.Andthesecondhasamassivegateandfencingsystemwithsecuritycameras,asignforasecuritysolutionthatisnotedasthebestaround,a“BewareofDog”signoutfront,anda“NoTrespassing”sign.Now,whichwouldyourob?

It’sthesamewithattackersgoingafteracompany.Unlessthemotiveisrevenge(adisgruntledformeremployeeperhaps)orcorporateespionage/attack(competitivecyberwarfare)manyattackersarejustlookingforlowhangingfruit.Aneasytarget.

TostarttheymightuseasimpletoollikeMXToolbox.com.Youcantypeinadomainnameandquicklyseewhereacompany’sMXrecordsarepointing.Notethefollowingresultsfortwocompanies(CompanyAandCompanyB)

• CompanyAcomesbackaspointingtoprotection.outlook.comandtheemailserviceproviderislistedasOffice365.

• CompanyBcomesbackwithmultipleMXpointstoathird-partysecuritysolutioncalledMimecastandtheemailserviceproviderislistedasMimecast(althoughit’sactuallyOffice365).

Whichwouldyouchoosetoattack?ThefirstoneisusingnothingbeyondEOP/ATP.Thesecondhasaninvestmentinsecurityforalltosee.Youmightassume,asthebadguy,thatCompanyAiseitherunawareoftheriskorgaps,orsimplynotwillingtopayforbetterprotection.That’sinterestingtoyou.WhatelsearetheyNOTdoing?AretheyNOTtrainingtheir

endusers?DotheyNOThaveothersolutionstoprotectthemselves?Forlackofabetterword,theyarelooking“tasty”toyouasacybercriminal.

RecreatetheVault

Anotherfactortoconsideristheabilityofthecybercriminaltorecreateyourenvironmentshouldtheywishtotesttheirattackmethodsoutbeforehittingtheirtarget.Wecallitrecreatingthevault.

HaveyoueverseenOceans11?InthebeginningofthemovieGeorgeClooneyandBradPittarestealingtheplansforthevault.Torobit?Well,yes.Butnotatfirst.Firsttheyrecreatethevaultinawarehousesotheycanpracticerobbingitfirst.See?

Ifyou’reusingstraightout-of-the-boxEOP/ATPitcostslessthan$100toregisteradomainnameandsetupaportaltoplaywiththatincludesmultipleaccounttypes.Nowyoucantossstuffatitandseewhatmakesitthrough.

OneDropofPoison

It’snotwhatyoursecuritysolutioncanstopthatmatters.It’swhatitletsthroughthatyouneedtoworryabout.EOPandATPdowork.TheyDOstopstuff.Spam/malware/ransomwareandmaliciouslinksorimpersonationattacks.ButintestingI’veseenresultsthatindicatethatitmisseswaytoomuchformycomfortlevels.Areyouokwiththat?Areyouokwithhavingyourhumanfirewall,theend-users,beyourlastlineofdefenseagainstmodernthreats?

Inotherwords,areyouokwithaglassofwaterthatisn’tfilledwithpoisonbutjustadroportwo?Drinkup!Ahem…probablynot.Thenathird-partysolutionisakeybolt-onnecessitytomitigatesecurityriskinmovingtoOffice365.

DataAssuranceArchiving

Yearsbackwedidn’tworrysomuchaboutarchivingdata,weworriedonlyaboutbackingitup.Butwiththemanyscandals(thinkEnron)andlawsuitscroppingupthatrequiredtherequestingofallemailcommunicationwithinacompany,aneedarosetoprovideeDiscoveryinamucheasiermannerthangoingthroughbackuptapes.TheadventofarchivesolutionsandeDiscoveryallowedITadminstoprovecompliancethroughdiscoveryofdata.

On-premisesExchangeadministratorsreachouttotheecosystemofthird-partysolutions(softwarebased,hardwareappliance-based,cloud-based)toprovideanarchiveofdata.Assureddataretention=discoverability=compliance(whichmeansnofinesorjailtimefortheITadmin).

Exchangeon-premisesdoesNOTincludeanenterprisegradearchivesolution.Andguesswhat?NeitherdoesExchangeOnline.

IsaythisandIcanhearsomeofyourespondingwith“butwait…doesn’tExchangehavean‘in-placearchive’feature?”Icannottellyouhowfrustratingthatnamingistome.Yes,itdoeshavethatfeature.AndIlikeit.Butit’spoorlynamedinmyopinion.Ibelieveitshouldbecalleda‘pstrepository’feature.Letmeexplain.

Inanon-premisesenvironment,youcanhaveahigh-performancestoragesolutionyouwanttorunyourmailboxdatabasesoffof.AndeventhougheveryeditionofExchangeoverthelast10years(2007,2010,2013and2016)hasimproveddatabaseperformancetremendously(inpartbecausetheypulledoutSIS-singleinstancestorage)andJBODarraysshouldbemorethanadequateforyourenvironment,inmyexperienceformostorganizations,therearestillplentyoffolkswhowanthighperformancediskfortheirdatabases.

However,iftheywishtoeliminatepstfilesandallowuserstobloattheirmailboxesabit,the‘in-placearchive’featureallowsadminstouseasecondarydatabaselocation(typicallyoncheaper,slowerdisks)forthatdata.Totheenduser,italllookslikeonemailbox(theInboxandIn-PlaceArchive),butinreality,thedatacouldbeintwoseparatedatabases,ontwoseparatestoragesolutions.

Whatdoesthismean?Itmeansyoucaneliminatethat.pstnightmareinyourorganization.Doesitprovideanenterprisegradearchive?Notatall.Becauseifwesayanarchiveisallaboutretention,discoverabilityandcompliance,thenthebasicflawoftheExchangeInboxandIn-PlaceArchiveinthatroleisthatbydefault,enduserscandeletethedataineitherone.Iftheusercandeletedata,thenyoucannotensurediscoverabilityandthesolutioncannotbecompliant.Gameover.

Ah…butMicrosoftknowsthis.Theyknowitandhaveasolutiontoensurediscoverability,Legal(orIn-place)Hold.Ifyouplaceallmailboxesonlegalorin-placeholdfromdayoneinOffice365thennoemailcanbedeletedfromthesystemanditwillalwaysbediscoverable.

Onenoteonthis,ifyoudidthiswithanon-premisesenvironmentyouwouldbloatoutyourstorageandwouldnotbepleased.ButwithOffice365,youcanbloatthatstorageoutandyou,theadmin,don’thavetoworryaboutit.MicrosoftWANTSyoutodothisbecausethelargeryourdatagrows,thelesslikelyyouaretoeverleavetheirsystem.Thestressofdoingsowouldmakeitprohibitive.Icallthisthe“HotelCalifornia”approachtocustomerretention.Youcancheckoutanytimeyoulike,butbecausethedatabloatisexcessive,makingthemoveanightmare,“youcanneverleave”.Brilliantreally.

Legal/In-PlaceHoldisaband-aidsolutionhere.LegalHoldwasdesignedtobeaproactive(orreactive)approachtosituations

whereHRisapproachedwithsomeformoflitigationagainstMr.Nastyinyourcompanywhohasbeensendingharassingemailstoastaffmemberandyouneedtostophimfrompermanentlydeletingsuchcontentfromhismailboxsoyoucanprovidediscoverabilityofit(ifitdoesindeedexist…innocentuntilproven…andallthat).Mr.Nastyisn’tevenawarehismailisonhold.IfhetriedtodeleteemailitsimplygoesintoahiddenRecoverableItemsfolderthatcanbesearchedduringeDiscoverybythosewiththeproperpermissions.

Withalegalholdscenario,thewholemailboxisonholduntiltheholdislifted.Within-placeholdthereissomeflexibilityintermsofwhatyouholdandforhowlong.Andthesesolutionshaveanabsoluteplaceintheworldofcompliance.It’sagoodfeaturelike‘In-placeArchive’(aka.pstrepository)is.Butit’snotwhatwecometoexpectfromagenuine,enterprisegradearchivesolution.

Microsoftrecentlystoppedtalkingabout“holds”ondataandisnowcallingtheir

solution“intelligentdatagovernance”withpreservationandretentionpolicies.That’sfine,butunderthehoodit’sstillusing“hold”

solutionstomakeithappen.

Modernarchivesolutionskeepasecondarycopyofthedata(whichcanalsobeusedforrecoverability,ifnecessary).Typically,end-usershaveread-onlyorinteractiverightstothedata(sotheycanfindandinteractorrecoveremailsfromtheirpastbutnotdeletethoseemails),somethingyoucannotdowiththe‘hold’solutionsinOffice365.

Inaddition,insomecasesabusinessmayberequiredtopurgedata(forexample,inthecaseoflitigationwherethejudgedeterminesthereisaneedtopurgetheexistingdata).Mostenterprisegradearchivesolutionscandothat.The‘hold’

optionscannotdoiteasily(norcantheydoitwithoutthepossibilityofahumanerrorcausinglostdata).

Inshort,Ipreferaseparatedatabankformyarchivebecauseitprovidesmewithagreaterlevelofcomfortduetoa)myabilitytoswitchserviceswithoutgettingstuckina“HotelCalifornia”situation…soIlikethedataagility/portabilityaspectofit,b)myendusershavetheabilitytosearchandinteractwiththeirread-onlyarchive,c)purgingdataiseasierandlesspronetousererrorandd)sinceOffice365doesn’thaveabackupofthedata,itgivesmepeaceofmindknowingIhaveasecondcopyofemail,shouldIneedtorestoreit.

Wait…what?NobackupofOffice365?We’llcirclebacktothat.RememberIsaidthree(maybefour)keyareasforconcern?

ContinuityorAvailability

Allcloudservicesfailfromtimetotime.Thereasonsvary,andthelengthoftimeisunpredictable.Andithappenstoallvendors,sothereisnopointinbashingMicrosoftfordowntimeofOffice365pieces(includingExchangeOnline),becauseeverymajor/minorvendorhasdealtwithit.Thereisnoperfectvendorwithaperfectamountofuptime(that’simpossible).

However,Istillconsiderthistobeagapandanareaforriskmitigation,becauseitcomesdowntowhetherornotyouhaveoptionswhen/iftheserviceisdown.It’slikejumpingoutofaplane.Youhaveaprimarychuteandhopeitworks.Buteveryonceinawhile,itmaynot(forwhateverreason).Itsureisalifesaverknowingyouhavethatbackupchuteinplace.

WhenExchangeOnlinegoesdownitwillbeimmediatelyapparenttoyourend-usersthatsomethingiswrong,butitmaynotbeimmediatelyapparentthattheproblemisMicrosoft.YourfirstinclinationistochecktheOffice365AdminCenter

andseeiftheyarereportinganoutage.Andtheymaynotbe.That’sbecausebeforetheyturntheirlittlelightfromGreentoRedtheyhavetodetermineiftheproblemisaserver,aserverrack,apod,oradatacenter.Inotherwords,beforetheyflipthatswitchandadmittoaproblemtheyneedtoknowhowbigaproblemtheyhave.It’snotaboutyouandyourtenant(notonthatlevel).

SomemaywonderhowtheymightobtainOffice365outageinformation.Isitpublic

knowledge?MicrosoftpublishestoanOffice365HealthTwitterfeed.@Office365Health.It’snottheeasiestwaytogaininformationbutitworks.AndthetwitterupdateslinktotheServicePortalforyourOffice365.Other

waystodetermineoutagesincludedowndetector.comorReddit.

Backup/Recovery

Microsoftdoesafantasticjobofdataprotectionmanagementthroughtheirnativedataprotectionsolution.ThisutilizestheExchangedatabaseavailabilitygroup(DAG)featuretoensuretheactivedatabasehasmultiplepassivecopies(lagged)splitbetweendatacenters.Ontheplusside,thiseliminatesalotofriskoveryourexistingdata.Butthereareafewthingsthisdoesn’tprovide.Itdoesn’tofferabackupofdatasoyoucanrestoretoapointintime.

HavinganarchivesolutionisgreatforeDiscoveryandcanassistshouldmailbemissingandappearlost.Butit’snotthebestsolutionforamailboxrestore.

IknowtherearemultiplepassivecopiesofthedatabutIstilllikeknowingIhaveacopy.Callmeadinosaur,butI’vebeenburnedbeforeinthisregardandliketobeextra

cautious.I’dratherplanforaproblemthanhopeitdoesn’thappen.

KeyTakeawaysOffice365isafantasticsolution,especiallyExchangeOnline.Andit’sthewayofthefuture.MoreandmoreorganizationsofallsizesandbusinessrequirementsaremakingthemovetoOffice365,primarilyduetoitsemailoffering.

AssolidasolutionasOffice365is,therearegaps.Thesegapsrelatetorisksthatneedtobemitigated.Inthepast,withon-premisesExchange,welookedtoecosystemsolutionstomitigatethegapsinExchange.Wecouldboltonseveraltop-notchsolutionsandmakea“better”emailenvironmentasaresult.

WhataboutwithOffice365?

AlthoughMicrosofthasmorecontroloverthesolutionbecauseit’shostedintheircloudandtheycanenhance,improve,developandtweakitalldaylong…therearestillgaps.Therearerisks.Andtheseresideprimarilyintheareasofsecurity,dataassurance,continuityandbackup/recovery.

It’sobvioustheseriskscausefear,uncertaintyanddoubt(fud).Buttheydon’thaveto.MyencouragementtoanyOffice365currentcustomerorpotentialcustomeristolookonceagaintotheecosystemtofindwaystomitigatetherisks.Lookforanall-in-onebolt-onsolutionthatcanaddressthepainpointsandenhancewhatMicrosoftprovides.

Whyanall-in-one?Well,unlikeon-premiseswhereemailcanmovethroughyourbolt-onpiecesinananosecond,withthecloudyoucannothave(ordon’twishtohave)emailboundingfromonedatacentertoanother,fromonesolutiontoanother,beforereachingtheMicrosoftdatacenterthatholdsyourmailboxes.Thatleveloflatencywouldbeprohibitive.Rather,lookforasinglesolutionthatdoesitall.

Thequestionis…doessuchasolutionexist?

VendorSponsor:Mimecast’sRiskManagementandCyberResiliencyforOffice365

Mostinformationyoureadaboutwhenitcomestoathird-partysolutioniswrittenbythethird-party.Theytellyou“we’reawesome!Andhereisadocumentthatprovesit!<cough><cough>writtenbyus<saidinawhisper>”.Evenifitistrueitcertainlydoescauseaneyebrowtoriseandthecynicalsidetouscomesout.Doesn’tit?

That’swhyItoldmyfriendsatMimecastIwantedthemtoletmewritethisupinmyway.Iwantyoutoseetheirsolutionthroughmyeyes.Iwon’tbeabletogiveyoueverylastbellandwhistle,butIwillcertainlybeabletotellyouhowitwilladdvaluetoeitheryourOffice365ExchangeOnlineorhybridenvironment.

Mimecastwasfoundedin2003byPeterBauerandNeilMurray.Thesewereregularpeople(albeitsupergeniuses),IT/Devadminsthatsawaproblemandwenttoworkfixingit.Theproblemtheysawwasthatemailwasbecomingmoreandmorecomplextohandle.Theybuiltacloud-basedsolutionto

theproblemthatprovidedemailmanagementandriskmitigation–andthecompanytookoff.

SecurityEmailmanagementcanmeansomanythings,sowhatisitREALLYthatMimecastprovides?Well,forstarters,anti-spamandanti-malware.Keepthejunkfromeverreachingyouron-premisesExchangeorOffice365servers.Mimecast’ssolutionsitsbetweenyourorganizationandtheInternetandprovidescompleteprotectionfromspam,viruses,malware,whaling,zero-dayattacks,ransomware,phishing,spearphishinganddataleaks.

MimecasthasaservicecalledTargetedThreatProtection(TTP)whichfocusesonreal-time,whaling,ransomware,spear-phishingandotheradvancedthreats.Onewayitdoesthis(thatIthinkisbrilliant)isbyconvertingincomingdocumentstoPDF.Soratherthansendeverydocumentthroughasandboxdetonationchamber(i.e.avirtualmachinetoopenthatdocumentandseeifitwilldoharm)itwillconvertittoPDF,thusrenderingharmlessanymaliciouscodewithin.AndthenifthepersonWANTStheoriginaldocumentitcanbesandboxed.Averycreativeapproachtoeliminatethelatencyoftryingtosandboxeverysingleincomingdocument.

MimecastalsorewriteseveryinboundURLforon-clickprotection.Andidentifieswhalingemailsthattryandstealmoneyordata.ThosearejustsomeofthecoolfeaturesinTTP.

Butitdoesn’tstopthere.Mimecasthasasecuremessagingsolutionthatisverycustomizableandeasytoworkwith.Theyalsohavea‘largefilesend’(LFS)solutionsoend-userscansendfilesupto2GBinsizerightthroughtheirOutlookclient(iftheplug-inisused).

TheMimecastSecureEmailGateway(SEG)usesseveraldetectionenginesforamulti-layeredapproach.Itincludesthe

abilitytodeploypoliciesthatassistwithdataleakprevention(DLP)andcontentcontrol,aserioussorespotformostorganizations.So,Mimecastkeepsthecompanydataconfidentialwhilekeepingthebadguysoutatthesametime.Anditdoesthisnomatterwherethepersonisconnected(LAN/Wi-Fi/Internet)andnomatterwhichdevice(desktop,laptop,mobile/tablet).

ArchiveMimecastprovidesanindependent,enterprise-gradearchivesolutionwithapowerful,high-performanceeDiscoveryservice.Thisreducesyouron-premisesstoragecostsbecausethearchiveensuresyouhaveanaccessiblecopyofthatdataatalltimes.

LetmeexplainthisabitfurtherbecauseIdon’tthinkeveryoneunderstandsthevalueofthissolution.UsingMicrosoft’sin-placearchivesolutionisgreatforeliminatingPSTfilesbutnotgreatforenterprisearchiveandregulatorycomplianceprotection.Why?Becauseend-userscandeletewhatevertheywant.Andforthattostopyouhavetoenableaformoflegalhold(litigationholdorIn-PlaceLegalHold).Thiscreatesmorestoragebloatbutdoesstopend-usersfromdeletingthingspermanently.It’sjustnotflexibleandnotinteractive.Andifyou’reinahybridenvironmentthereisnosinglepaneofglassforsearchingbothon-premandcloudatthesametime.

WiththeMimecastsolutionyouhaveemailarchivedbeforeitevenreachesyouron-prem/O365servers.Userscandeletewhatevertheywant.Notabigdeal.Youhaveanarchive.Nowthecoolthingisthisisanaccessible/interactivearchive,notbackuptapesthatsitinavault.End-usersaregiventoolsthatintegratewithOutlooksotheycanperusetheirarchiveandfindemailstheymayhavedeletedaccidentallyandrestorethem(noITinterventionrequired…justalittletraining).BUT…iftheywanttodeleteanemailthatmaybeincriminating…nope,notpossible.Note:Mobileappsarealsoavailable.

Iliketocallthis“preventativelitigation”.Thinkaboutit.Ifyouknow,asanend-user,thateverythingyousendandreceiveisbeingarchived,isnon-deletable,iseasilylocatedwitheDiscovery…howstupidwouldyouhavetobetosendsomethinginappropriate?Hence,preventativelitigation.Astrongdeterrent,ifyouwill.

ContinuityIrememberat5yearsoldbeinginthemovietheatreforthefirstSupermanwithChristopherReeves.DoyourememberthepartwhereLoisLanefallsoutofthehelicopterandSupermancatcheshersaying“Don’tworryma’am,I’vegotyou”?Andshesays“You’vegotme?!Whosegotyou!!!???”Classicline.Goodquestionthough.

So,youhaveallthesedifferenttypesofServiceLevelAgreementsfromMicrosoft.SLA’spromisemanythingsandoneofthemisavailabilityofyourservices.Butwhathappensif/whentheservicegoesdown?Ithappens.Ithappenswithon-premisesExchangeandithappenswithhostedsolutionsandevenOffice365.Sure,theSLAtypicallyofferssomekindofrestitution,butwhatifyoudon’twantrestitution,youwantavailabilityofservice?Microsoftcannotbeitsowncontinuitybackupsolution.

HereiswhereMimecastisabrilliantsolution.Theykeepusersworkingduringon-premorcloudoutages.Likeabackupparachute,shouldtheprimarynotopen…youdon’thavetofreefall,youcanpullthesecondarycordandglidetosafety.

So,let’ssaytheOffice365servicegoesdown.Firstoff,ratherthanhavingyouguessifthereisadisruptionandpossiblyobtainingmixeddatafromtheO365AdminCenter,Mimecastprovidesoutage/disruptiondetection.Througha‘heartbeat’approachMimecastmonitorsforhighlatencyandfaileddeliveries.Ifaproblemisdetected,basedonsetthresholds,MimecastwilltriggeranalerttoadminsviaSMSorasecondary

email.Fromtheretheadmincankickoffacontinuityeventwhichallowsend-userstokeepworkingthroughOutlook,webmailportalormobileapplications.

WithMimecast,yourend-userswillhavenoideathereisaproblem.Theycancontinuetosendandreceiveemailasiftherewasnofailure.Sotheyjustkeepworking.Onceyourserverscomebackonline,Mimecastwillsyncupwiththemandtheworldkeepsturning.

And,coolestpartinmyopinion,ifMimecastisalsoyoursecurityandarchivesolution,havinganoutagethatrequiresacontinuityassistfromMimecastdoesn’talteryoursecurityandarchivecapabilitiesintheslightest.Youarestilljustasprotectedandcompliant.

Sync&RecoverforExchangeandOffice365Ifyourecall,ImentionedinthelastchapterthatOffice365doesn’thaveapoint-in-timebackup/recoverysolution.It’sonereasonwhyIfeelaseparatedatabankarchiveisvaluableintheeventsomething“bad”happens–beithumanerror,technicalfailure,aransomwarestrikethatrequiresarestoretoapointintime,whateveritmightbe.

Inaddition,therearesomewhoneedmorethananarchive.Therearesomewhoarebackinguptoon-premisesinfrastructureorusingsomecloud-basedbackupsolutionbecauseMicrosoftsimplydoesn’tbackupthedataandtheywant/needthat.

WithMimecast’s‘Sync&Recover’solutiontheycanbackupemail,calendarandcontactswithoutadditionalhardwareorsoftware.Thissolutionassistsshoulddatabelostduetocorruption,accidentaldeletionorcyberattacks.

KeyTakeawaysDespitetherisksofmovingtothecloud,byaddingathird-partyall-in-onesolutionlikeMimecastyoucanmitigatethoserisks,eliminatetheFUD,andplanforsuccessratherthanhopeforit.

TheMimecastAdminConsole

So,that’smypersonalopiniononMimecast’sRiskManagementandCyberResiliencySolutionforOffice365.I’drecommendyoucheckthemout.Theaddedvalueyouwillreceiveatsuchareasonablepricepointisunbelievable.

Sponsored by Mimecast - Conversational Geek · • Office Graph: Uses machine-learning techniques...

Documents

Transcript of Sponsored by Mimecast - Conversational Geek · • Office Graph: Uses machine-learning techniques...