SaaS and Microsoft Office 365 – explained.
How to secure your business data efficiently
Nowadays more and more businesses face the challenge of protecting their data. Spam/ Phishing emails are everywhere, and every individual should know how to recognise malicious emails. You can read more about it in PART 1 and PART 2 of our article.
The cyber-security is crucial when speaking about businesses, as they have the difficult task of protecting not only their personal information but also of their partners and customers.
Business emails are the main tool for communication between business professionals, internal and external, and very often consists of sensitive information. Therefore, our opinion is that every business should consider using cloud-based services such as SaaS applications in order to protect its data.
There are many SaaS applications but as we want to pay attention to malicious emails and how to protect your business from them we will talk about Microsoft Office 365. But let’s first get a closer look at what is Software as a Service.
Software as a Service (SaaS)
SaaS is a model where you don’t buy any software licenses for applications you want to use but pay them on a subscription basis, instead. The applications run on the provider’s cloud infrastructure.
Why choose SaaS for your business:
- It’s trivial, but SaaS model saves you money. The reason for that is you don’t have the costs for purchasing hardware, software, maintenance, system administration, and so on. Your service provider is the one who will take care of everything related to the service;
- This type of software is designed to facilitate different processes in companies and reduce the time for performing various operations;
- It’s extremely flexible as you can access every application from everywhere in the world, from any device. The only thing you will need is an Internet connection;
- Estimated monthly costs – you pay only for what you use.
Microsoft Office 365
If you are a business owner looking for a reliable tool to protect your business data – Office 365 is something worth considering.
Microsoft Office 365 is a natural evolution of Microsoft Office designed to meet the ever-changing business needs. Office 365 is a cloud service that provides access to all known and used office applications. It’s complemented by a wide range of intelligent services that:
- enhance work efficiency;
- help for better, secure storage and sharing of information;
- save time;
- ease teamwork
There are many (positive) reasons why we would recommend using the SaaS-based application Office 365 – flexibility, cost-effectiveness, and the most important one – security.
Office 365 has many functionalities, but we would like to highlight the ones considering the SPAM emails:
- Daily reports for SPAM filtering. It shows what emails are being quarantined by the spam filter before a user can open them in the mailbox – this functionality gives users the opportunity to check if an email is legitimate before allowing it to reach the mailbox;
- Security levels. Protection can be set from 1 to 9 (“1” being strongest and “9” being the most relaxed) in terms of security. The standard is set to “7” and according to our experience, this seems to work best, once all allowed domains have been added;
- Quarantined emails are kept in the mailbox for a set amount of days. By default, it’s set to 15 days, but this can be changed;
- If you, as a user, cannot find an email in the quarantine report or may have missed it, the admins can search for the email to see if it is still there as they can see every email that has been quarantined.
Microsoft Office 365. Data loss prevention (DLP)
For businesses, it’s important not only to protect their data from hackers but also to protect sensitive information and prevent confidential data leakage.
Office 365 has functionality where every business can create its own DLP Policy. The very basic things that can be set up are the location (ex. SrarePoint Online, OneDrive, etc.) and what content needs to be protected. Setting up content protection consists of creating rules called conditions and actions.
Conditions – you can create a list of keywords. For example, if you want to protect health insurance numbers, credit card numbers etc. to be sent outside your organisation. The rule will be enforced only if a document consists ot these types of information.
Actions – this is the type of action you want to be taken when sensitive information is being shared outside your organisation. Your compliance officer can either:
- receive an email notification stating that a user within the organisation is trying to send sensitive information or;
- receive a quarantine email where he/ she has to authorise the email consisting the sensitive information.
Read here for more information about DLP Policy.
Office 365 is a flexible tool that grows with your business. It offers a variety of plans that you can use or combine to suit your company needs. If you want to know more about Office 365 and the plans we offer, please contact us.