As industry marches to a digital and mobile first approach to technology, we are running the risk of greatly enhancing the attack surface for cyber-criminals, making it more important than ever to ensure day-to-day apps are secure.
This is according to Thiani Naicker, Microsoft Practice Business Lead at Westcon-Comstor Sub-Saharan Africa, who further advises businesses to look at what existing security each software investment already has built in.
“Microsoft has done a fantastic job at not just building software but using the telemetry at its disposal to build security solutions natively into its services. A good example is the Advanced Threat Protection (ATP) capability built for Office 365. Driven in part by the growing demand for its cloud services but also by growing cyber threats, the company has listened to clients who have demanded that its solutions offer simplified security at the heart of each application,” says Naicker.
The Office 365 Advanced Threat Protection (Office 365 ATP) solution is part of a family of ATP offerings from Microsoft that protects e-mails and data contained within Office 365 for SharePoint Online, Teams and OneDrive for Business to name a few. In short, the vendor is providing zero-day protection against malware with ATP.
ATP is effective because it analyses all Office 365 files in what Microsoft calls its “detonation chamber”, using advanced analysis to determine how a file will behave when a user opens it. If the security software detects suspicious behaviour it will automatically block the file. This is particularly useful in the event of phishing attacks where users are encouraged to open files or click links that then surrender their credentials.
“ATP also protects an end user against malicious URLs or web links within an e-mail or document, something that remains one of the most difficult issues for a security professional to control. If a link is seen to be malicious, ATP will block the link so that the end user never actually lands on the insecure page.
“Core to all of this are the machine learning models that Microsoft has threaded through all of its security offerings. By using pattern detection and AI, ATP builds up an understanding of who a user communicates with as well as the nature of communication, this helps identify when an email is impersonating a regular contact,” she adds.
Office 365 ATP is one of three key technologies in the Microsoft ATP solution set, the others being Microsoft Defender Advanced Threat Protection and Azure Advanced Threat Protection. All of which are today available through Westcon-Comstor. When used together, they help to reduce the attack surface by ensuring a client’s data is secured from all access points into a business.
