Introducing Cisco Cloud Mailbox Defense
The number of UK companies utilising Microsoft Office 365 as of February 2020. The requirement for remote working is only going to see this number increase with Gartner expecting 70% of public ad private organisations to be using cloud email services by 2021.
The numbers are not surprising. Microsoft 365 is the go-to for remote working capabilities with the applications and services able to run on any device.
Gartner recommends that organisations do not rely on the in-built security measures available within Office 365 and the reasoning is simple. Microsoft services way too many customers to keep a track of all vulnerabilities and methods being used to gain access, spread malware, or phish organisations.
Top Email Security Threats
Business Email Compromise (BEC)
Between 2016 and 2020 Organisations have lost over 20 Billion pounds due to Business Email Compromise.
Expected that Ransomware is due to be a 15-Billion-pound industry this year.
Over half of all phishing sites are utilising compromised hacked domains
Over 10 Billion malware attacks in 2018
Traditional Email Security
Traditional email security relies on altering mail flow and changing MX records to pass the email through either a cloud security service or an on-premise security service with internal emails often not being scanned for malware or phishing URLS.
Cisco Cloud Mailbox Defense
Cisco Cloud Email Defense has been designed to work in conjunction with your existing email threat detection and remediation tolls whether that is the native security that Microsoft offers or an Email Security Appliance (ESA).
Designed and built from the ground up to work solely for Microsoft Office 365 accounts Cisco Cloud Mailbox Defense is uniquely positioned to lead the way for securing Small to Medium sized organisations and their users.
Set-up and secured in 10
Cisco Cloud Email Defense is hosted within Microsoft Azure meaning that the security solution is hosted in the exact same space that your emails are being hosted. As there are no changes needing to made with Mail flow it can be deployed in minutes with no user downtime and no need for any changes to MX records.
Protection & Use cases
Account takeover attacks
Cloud Mailbox Defense scans and remediates against all types of messages including internal messages, because of this Cloud Mailbox Defense can spot lateral movement alongside internal malware propagation which is usually seen immediately after an account takeover. Cisco Cloud Mailbox Defense will alert in real time if this happens so you can lock account access down and prevent future attacks form happening.
Direct Integration with Microsoft’s Cloud
Augment and Improve on Microsoft’s existing security controls with Cisco Mailbox Cloud Defense and the global leverage of Cisco Talos. As Mailbox Cloud Defense is directly hosted within Microsoft’s cloud your email security is as close to your mailbox as it can be.
Cisco Cloud Mailbox Defense leverages Cisco Talos to give you the same protection that Cisco Advanced Malware Protection would provide within your Office 365 email environment.
Cisco Cloud Mailbox Defense scans all URLs contained within emails to see how risky they are and can remediate based on the outcome, all by leveraging against Cisco Talos.
How does it look?
Designed to be simple to setup and use the dashboard consists of three main elements.
- The homepage where you can search by URL, Subject Line, Recipient or IP address.
- Search page to find further indepth information
- Reports to drill further down into email activity
Contained within the search page view where messages originated from and what malicous content or attachments were contained within to ensure you can remediate as quickly and effectively as possible.
Within Cisco Cloud Mailbox Defense view the counts of emails sent & recieved within a time frame alongside viewing the number of emails containing malware or phishing links.
Cisco Cloud Mailbox Defense settings are incredibly easy to use and configure. You can set the security to only audit emails and not take any action or to automatically remediate any issues that are found.