Exchange Online (EXO) has a long list of features that delight end users and administrators alike. End users who were accustomed to the constant struggle of keeping mailboxes under quotas are a thing of the past in EXO with spacious 100 GB mailboxes and unlimited in-place archives. Administrators do not have to worry about storage expansions, infrastructure monitoring and maintenance. Exchange Online has become a gateway to the adoption of the modern workplace solutions in companies of all sizes ushering in the digital transformation.
Even though companies are trying to improve business productivity by providing several rich collaboration solutions to their end users; email is still widely leveraged. Email is also still the number one attack vector of ever-increasing cyber threats and breaches. Exchange Online Protection (EOP) email filtering service is included in every flavor of Exchange Online license at no additional cost and helps protect organizations against emerging sophisticated email targeted attacks such as spear phishing, social engineering, and spoofing. Although Exchange Online is being widely adopted there are many companies still using their existing message hygiene systems\services that they were in the on-premises environments.
Here are 7 reasons to leverage Exchange Online Protection (EOP) instead of the third-party message hygiene system you were using with the on-premises environment.
- Misinformation and Assumptions:
A third-party message hygiene system was leveraged in the on-premises environment, so it is still must be required in Exchange Online. Exchange Online Protection (EOP) email filtering service is included in every flavor of Exchange Online license at no additional cost and cannot be turned off. Office 365 Exchange Online Protection (EOP) can also be leveraged by on-premises Exchange environments.
- High TCO and low ROI:
You may have switched from CAPEX to OPEX by migrating to Office 365, but you are not leveraging all components of the Exchange Online license you are paying for if you are still using the third-party message hygiene solution. By not displacing the existing email gateway, you end up paying twice for the same product to two different vendors.
- Increased False Positives:
EOP effectiveness is reduced when a third-party solution is leveraged. Although some features such Exchange transport rules, malware filtering, and malicious URL filtering work, several features such as – IP reputation blocks, IP throttling, antispoofing checks, bulk mail filter, PTR lookups, SPF\DKIM\DMARC checks, IP allow entries do not work properly. This configuration leads to increased false positives and more email getting misclassified.
- Administrative overhead:
Additional administrative overhead to rectify the increased false positives that results from leveraging multiple message hygiene solutions. One-off solutions such as custom rules and exceptions will quickly become a norm to address the misclassified email, especially if Office 365 EOP end user quarantine is not allowed.
- End user training:
If you choose to rollout both third party solution and Office EOP’s end user quarantines, then users must be educated and trained to deal with increased false positives.
- Feature loss:
Office 365 EOP features such as below cannot be leveraged when third party message hygiene solution is leveraged.
- DMARC adoption has been gaining momentum especially in financial industry verticals to deter spoofing, but still many companies are struggling to implement or achieving the goal of DMARC Reject mode. Microsoft’s anti-spoofing leverages implicit email authentication and calculates a composite authentication based on cloud intelligence, sender reputation, and patterns to detect malicious spoofing even when the standard SPF\DKIM\DMARC records are not in place.
- It is no surprise that outlook junk mail integration always worked best with Microsoft solutions and the same is true with Office 365 as well. Managing the low-level confidence SPAM messages via junk mail and training Microsoft solution with Report Message add-in is intuitive to users and provides the best end user experience.
- Unauthenticated email in Outlook Web Access (OWA) shows a ‘?’ in the sender photo to warn users that email authenticity could not be verified. This feature depends on Office 365 being the first hop in the path of email delivery.
- Intelligent Client Tips and warnings on email based on the cloud intelligence and implicit email authentication.
- With sophisticated threats users might receive messages delivered to their inboxes where the content is weaponized after the delivery. Office 365 Zero Hour Purge (ZAP) addresses this by continually monitoring updates to the Office 365 spam and malware signatures. ZAP can find and remove previously delivered messages that are already in users’ mailboxes.
- Office 365 Advanced Threat Protection is more effective when Office 365 is the first hop in the path.
- Integrated holistic suite
Many organizations when choosing a solution are hung up about one feature that is not available in Office 365 compared to the existing solutions. Ensuring requirements are met by solution is of most importance when selecting solution, decision makers must keep in mind that Microsoft 365 platforms a tightly integrated holistic suite of products that complement each other and deliver more capabilities and features that any of third-party standalone solutions can match.
While there are outlier requirements such as address rewriting that may warrant the use of third-party message hygiene solution, in majority of the cases the third-party message hygiene solution can be decommissioned as Office 365 Exchange Online Protection more than fills the need. Reach out to New Signature if you want to get the most value for your money, delight your users, secure and protect your enterprise and transform your business.
If your organization is interested in learning reach out to us here.