
Office 365 Advanced Threat Protection spells trouble for 3rd party solutions

Email is notorious for being one of the most common sources of malware and ransomware, and protecting against these cyber threats is a critical concern for most organisations.

In the past, the easiest and arguably most effective way of protecting email at enterprise level was to use a specialist third-party service. These days, organisations using Microsoft Office 365 have some very powerful alternatives available far closer to home to protect them from malicious attacks, including Office 365 Advanced Threat Protection (ATP).

Microsoft’s answer to threat protection

Microsoft takes a somewhat layered approach to threat protection, giving organisations the ability to tailor their defences according to their risk profiles. Let’s take a quick look at what those layers are, before we dive into why they’re making third-party equivalents look so much less attractive.

Level 1: Exchange Online Protection (EOP)

EOP is Microsoft’s default, cloud-based spam and virus filter for email. It uses multi-layered, real-time protection to effectively eliminate 100% of known viruses and 99% of spam before any of it reaches your corporate firewall or Office 365 boundary.

EOP is available as a subscription service, but is built into Office 365 E3 and E5 licences, which means most enterprises using Office 365 will have this functionality already. For some of them, EOP is sufficient protection on its own, but those with more sophisticated security requirements might want a little more protection.

Level 2: Office 365 Advanced Threat Protection (ATP)

While EOP can recognise known threats in transit, it can’t identify zero-day (brand new, never-been-seen) threats, or “explode” emailed links or attachments to find hidden threats lurking inside. This is where ATP comes in.

Office 365 ATP proactively screens for unknown and evolving threats in real time by “detonating” potential carriers (email attachments, embedded URLs, files linked to malicious websites, etc.) in a secure sandbox environment before they can penetrate organisational boundaries. This allows new and hidden threats to be neutralised and blacklisted before they affect a single user – a great example of effective zero-day protection.

In addition to its proactive protection, ATP also uses machine learning and heuristic clustering to detect emerging patterns behind threats. These insights are presented via a graphical interface that makes managing organisational health a breeze – particularly when it comes to identifying potential weak spots and risky user activity.

Office 365 ATP is built into the Office 365 E5 licence tier, but is also available as an added extra on lower-level licences. This is a popular and cost-effective option for smaller, security-conscious organisations that don’t need the rest of the functionality of an E5 subscription.

The Microsoft Advantage

From a functionality perspective, the combination of EOP and ATP easily rivals the best third-party email hygiene solutions, but the real advantage of Microsoft’s threat protection lies in the nature of Microsoft itself.

Comprehensive threat awareness

As the largest and most widely used technology company of its type in the world, Microsoft is actively monitoring cyber threats across its entire, global ecosystem every second of every day. The result is an unrivalled – and constantly growing – database of known threats against which Microsoft users are defended. That’s difficult to match as a third-party solution provider with a dramatically smaller footprint.

More than just email protection

Third-party products also tend to protect email and only email. Office 365 Advanced Threat Protection, on the other hand, is expanding across all Office 365 workloads, and will soon include SharePoint Online and OneDrive for Business as well as Office Pro Plus apps like Word, Excel and PowerPoint. It’s officially the only ATP service capable of protecting this kind of workload variety in the Office Productivity Suite. No third-party solution can offer anything close.

No additional deployments required

Unlike third-party solutions, EOP and ATP don’t require additional deployments or infrastructure to activate. They’re built into the Office 365 environment and are designed to tie perfectly into your existing Windows ecosystem, out of the box.

Easy integration

Being able to bring threat protection under the Microsoft banner offers more than just the convenience of having everything under one roof. It means you can integrate EOP and ATP into your broader DLP, information protection and mobile device management strategy and achieve far more comprehensive protection with far less complexity.

So where do third-party vendors stand?

If we’re going to be honest, things aren’t looking good for third-party email hygiene solutions in the Office 365 environment. In most cases, the native options are just too easy and too effective to make it worthwhile looking outside the Microsoft stable. It’s a trend we’ve been seeing more and more of as Microsoft steadily improves and enhances its cloud environment, and it’s unlikely to be the last time we see third-party vendors fighting for their lives.

Cloud Essentials is a Microsoft Gold Partner specialising in Office 365 migrations and feature implementations. We can help you get to grips with ATP’s capabilities and help you compare and contrast what it delivers vs what you’re used to with an existing 3rd-party solution such as Mimecast, Symantec/MessageLabs or Trend Micro ScanMail. Whether you’re planning a migration or already using Office 365, we can also help you configure ATP for optimal protection.

Simply get in touch to find out more.
