As times advance so does the cyber threat landscape. As technology gets smarter, criminals become more adaptive. As reactive threat protection applications learn, day zero viruses thrive. So, what’s the answer? And do we really stand a chance against the biggest grossing and fastest growing industry in the world – cybercrime.
Yes, is the answer you are looking for. There are so many options when it comes to defending yourself and your business that you could argue there is no right or wrong way to go about it. The only judgement being if you fall victim to one of these attacks. And in reality, with the ever-present phrase clinging to cybercrime, “it’s not if, but when”, there is a high chance you have been attacked or affected in some way.
Today I have been considering Microsoft’s latest protection offering – Office 365 ATP to see how it stacks against its competition, as it fights to become the number one form of protection, for the number one communication method for businesses and therefore the most popular attack vector for cyber criminals, email.
Here are a few of the things I have considered …
As in any industry where you are receiving a service, each individual will have their own experience and therefore their own outlook on things. When we consider service level agreements this is certainly no different on email protection products as when something happens, we expect our provider to react quickly and effectively.
The age-old debate around bigger companies not caring and delivering poorly against service levels competes against smaller companies not having the resource to deliver against them is possibly the case here. What we do know is that big or small, all have service levels in place because none have a 100% record against cyber-attacks.
Microsoft deliver as a bigger entity here through vast resource; however, it is slow, and you must go through the channels of SLA resolution. Other competing products are supported on a much closer level, often through MSP’s such as Infinity, who can guarantee quicker support by offering their own SLA to the product having had training in it. Only very rare instances would an MSP need to relay a problem on to the software vendor and then the SLA would only be comparative to Microsoft.
Is it a good idea to have ‘all your eggs in one basket?‘
Trust is a huge factor in deciding whether to put all of your eggs in the Microsoft basket and have the same provider for your email SaaS solution and threat protection.
This is where we see solution stacking and 3rd party protection products offering real value. As well as standard protection a lot of third-party offerings include an element of continuity if you procure the right licence. This meaning that they offer continuity of your emails even if Microsoft is down which is a huge differentiator. On the rare occasion that Bill has a blip, these are the services that bridge the gap and keep you running without you or your users noticing.
It’s worth bearing in mind that if you are using Office 365 from Microsoft then you will already be benefitting from their standard email protection features that are inclusive as part of your Office 365 licence.
This means if you attach a third-party product you will benefit from both the basic Microsoft protection as well as your additional choice
Should you considering more than just email protection?
Are you looking at bolstering your defences against email security or in general and which offering is going to give you the most value?
Over the past weeks we have seen more of a shift in the way people work. While people have been using these services for a long time, there has been a mass adoption of collaboration suites. Mainly in the form of Microsoft Teams, and generally because it is included in their standard licence, so people are entitled to it. But how are these protected?
Third party products tend to be specific to email and email only. Microsoft Office 365 ATP covers more than this and therefore sits itself above the competition. Because businesses are utilising more of the collaborative features of Microsoft Office 365 such as Microsoft Teams, OneDrive and SharePoint to work on things from different geographic locations, is email protection enough? Office 365 ATP is officially the only product that is capable of protecting all three against threats traditionally only seen in email such as harmful URL’s and attachments. There isn’t a lot competing products can do at the moment about this but I believe it is only a matter of time until they too start to encompass this sort of protection into their offerings.
Whatever option you choose to use for your business, the deployment and configuration is key to the products success. If you are already using a third-party application, you will know that it is bespoke, and it will firstly require deployment across all users’ machines or devices and associating to their email platform. Secondly it needs to be configured to give the level of protection you desire. Both tasks are time consuming, sometimes complex but ultimately necessary.
In comparison, Microsoft Office 365 ATP is built into the Microsoft 365 product. Layering on top of its inbuilt protection the ATP side still sits within the standard Microsoft family and means that deployment is easy as it simply attaches to the existing licence. It also comes with an out of the box base level protection. while deployment may be easy, It does however still need configuration changes if you are going to get the most out of it and ensure protection levels meet that of third-party products.
It would be fair to say that businesses are spoilt for choice for email protection and thinking wider, but not as far as anti-virus, cyber protection.
Third party applications have a valid and strong position in the current market with additional capabilities at the higher end of their offerings. With their sole purpose and focuses on one are of security they can indeed consider themselves specialists in what they cover and are very good at it.
Microsoft without doubt are getting stronger in the protection field and may well get the upper hand moving forward as they dominate the market through their software offerings.
Microsoft is, and continues to be the most widely used software of its kind. In such, they have the ability and visibility to see and monitor their software. This includes the cyber threats that intrude on them around the world, every second of every day. Their database of known treats is therefore constantly growing and specific to their programs, making it hard for anyone else to keep up. The push from them has seen them breakthrough in 5 security categories in the Gartner Magic Quadrant at the end of 2019 and this is no mere coincidence, but a statement of intent.
All said, both options are very credible. Both require knowledge and expertise to get the best out of and both have positives and negatives. While Microsoft continue on their path for dominance, this is a field that they leave space for the other players in the market and it may well be the case that a multi layered approach is best option.
Each and every business has different needs. You need to do what is right for you. Infinity continue to provide what is right for our customers on a case by case business. Feel free to get in touch with any of the team if you want to discuss your requirements further.