F-Secure Cloud Protection for Microsoft Office 365

F-Secure Cloud Protection for Microsoft Office 365 helps organisations mitigate their business email risks by providing effective threat protection against increasingly sophisticated phishing attacks and malicious content as well as URL protection for users. Whenever an end-user receives or creates a Microsoft Outlook item, such as email, appointment, task, contact, or note in their mailbox, the solution analyses all included attachments and links for harmful content, such as malware, Trojans, ransomware, or phishing. The solution also provides rich reporting, advanced security analytics, and system events to ensure faster response to the identified potential threats. F-Secure Cloud Protection for Microsoft Office 365 also comprises a management portal and easy-to-use dashboard for daily administration and a service backend so that you do not need to install any additional software or make any changes to your network configuration to start using the solution.

There is often the misconception about cloud security in that some users believe that when they purchase a cloud service, the cloud provider is responsible for the security as well. They are partly right, but with cloud services there is a model called the shared responsibility model, which states that cloud providers are responsible for the security of the cloud, and customers using the cloud are responsible for security in the cloud. In practice, this means that the cloud provider takes care of the physical security of data centres so that no-one can physically break into their facilities and undermine the security of the underlying platform. Cloud providers also take care of the authentication, identification, and user and admin controls. In GDPR terms, cloud providers are Data Processors. Customers using the cloud services are responsible for the security of data stored in the cloud. This includes taking care that there is no malicious content or targeted attacks, internal data security risks, deception, or social engineering by offering security behaviour training to their employees. This means that customers using the cloud services are responsible for the security of their email. They are the owners of the data. F-Secure Cloud Protection for Microsoft Office 365 processes the MS O365 user mailboxes to analyse file attachments and web links included in the body and headers of Exchange items such as email, calendar appointments, tasks, contacts, and sticky notes in inbound, outbound, and internal traffic. High-risk files are also subjected to a deeper analysis with F-Secure’s cloud sandboxing technology, which is designed to prevent zero-day malware attacks and other advanced threats.

F-Secure Cloud Protection for Microsoft Office 365 supports cloud-to-cloud integration without needing to install additional software or making changes on the server or clients. The protection is totally platform-agnostic and capable of detecting threats regardless of which device or application is used to access the Exchange mailbox items. Administrators can configure the service for scanning the MS O365 Exchange user mailboxes and provide comprehensive protection in just few minutes. The security alerts widget provides quick and easy access to the most recent security alerts for an organisation, sorted by the severity of the alert. The sorted list helps administrator to prioritize high-risk alerts immediately with detailed information about the found malicious content in the user mailboxes. Similarly, the mailbox and protection status widgets show the total amount of scanned and unsafe items. The widget also shows the type of actions taken to protect against the malicious content, such as quarantine or delete.

Many IT departments do not know what kind of content their users are sending or receiving via MS O365 Exchange items. That knowledge is often helpful, as IT administrators may, for example, find malicious files or URLs that should not be shared via MS O365. Furthermore, a better understanding of internal customer needs and use cases helps administrators to serve their organisation more effectively. With powerful search functionality, solution administrators and IT security departments can investigate content-based attacks very quickly. F-Secure Cloud Protection for Microsoft Office 365 also provides rich reporting capabilities for administrators to report on the security status of the protected environment at any time in an easily sharable format. The administrator can define the content and schedule (daily, weekly, monthly) reports to be automatically generated, and have the reports readily available in the portal for downloading. In addition, administrators can add a summary of the security status of the environment as a message that is added to the beginning of the generated report.
Find out more about F-Secure’s Security Cloud in the Security Cloud Whitepaper and Security Cloud Privacy Policy.

The F-Secure Cloud Protection for Microsoft Office 365 Solution Overview.
The F-Secure Cloud Protection for Microsoft Office 365 Product Brochure.