Email security is always important for RIAs. But we’re human and it’s easy to make mistakes as scammers get better and more sophisticated. Phishing emails increasingly look like they are coming from a credible source. It may look like an email from your boss asking you to send a wire to a new account. Or an email from a coworker asking you to confirm details with a link that prompts you to login with your Office 365 credentials to open a document.
We shouldn’t rely on our employees to be perfect. It’s even more important than ever to lean on technology to be better gate keepers.
How good is your IT security? Get the 1-Page IT Risk Scorecard for RIAs (Free Access)
The good news is, there is help available – possibly from your existing Office 365 subscription. Microsoft Advanced Threat Protection (ATP) takes you beyond consumer-grade protection for your email security. It brings a full, enterprise-level strategy to your email security. And it is enterprise-level IT that should be the target for all RIAs, regardless of size.
Advanced Threat Protection from Microsoft
Microsoft offers Advanced Threat Protection for their Office 365 subscription, aptly named Office 365 ATP. It is split into two plans, both with impressive features. Plan 2 providing additional automation, investigation, remediation, and educational capabilities.
ATP is included in some Microsoft Office 365 subscriptions. Microsoft 365 Business Premium has Plan 1 while Office 365 E5, Office 365 A5, and Microsoft 365 E5 have the Plan 2 available.
So, what’s available with Microsoft ATP? Here are some of the highlights that will help your RIA secure your email.
ATP Safe Attachments
We’re not always sure if an attachment we receive is safe. With ATP Safe Attachments, attachments are analyzed in a special environment set up by Microsoft where it is compared with other known malicious types of files to determine if it is legitimate or not. If everything looks good, e-mail will arrive at the end-user inbox without them noticing any changes to their current workflow.
But what about those infamous zero-day malware and threats that the world doesn’t know about yet? Microsoft uses machine learning to analyze the attachment to confirm if any of the patterns the file is using are read flags and tell-tale signs of something nefarious.
Unless it’s through a link, right?
ATP Safe Links
No more hovering over a link to try to confirm if it is legitimate or if you’re one click away from having your personal or corporate information stolen by an unknown party.
Office 365 ATP offers link verification. It confirms the safety of links shared through e-mail and Office documents. It actively reads the link to verify if it leads to a malicious or phishing site. Suspicious links are actively blocked, and legitimate links can be clicked without issue.
ATP Anti-Phishing Protection
But what about those phishing attempts that try to impersonate your boss or co-worker?
The ATP Anti-Phishing Protection features can identify if someone is trying to impersonate an employee or a website domain that belongs to your company. Microsoft achieves this by passing e-mails through specially designed machine learning models with algorithms and built-in scenarios are built to identify this kind of fraud.
ATP for Sharepoint, OneDrive, and Microsoft Teams
But what about attacks that don’t come via email? Malicious document can also be shared through your SharePoint or OneDrive by an end-user. Documents and links can be shared through other apps too, like Microsoft Teams.
The same method is used when any file or link goes in or out using any of these end points. Malicious files and links are blocked so end-users cannot access or share them.
It’s not realistic to expect your employees to recognize every attack that comes in via their email. Tools like Microsoft’s Advanced Threat Protection lets your RIA leverage world-class, enterprise-level technology to protect your business. It’s likely part of your current Office 365 subscription and simple needs to be configured properly to meet the specific needs of your RIA.
If you’re not sure if you’re using ATP features right now, contact your IT service provider to find out. If you have questions or need assistance with getting this set up, contact us today and we’ll be happy to help.