Paralogic Networks
01844 293330


Office 365 outstanding cloud success story but users need to employ email security best practice

office365image3Microsoft Office 365 just works!

It’s 5 years and a few months since Microsoft Office 365 launched as a commercial product and around two and a half years since it was upgraded to its current format.

During this time, it has set some significant benchmarks, including being Microsoft’s fastest ever growing product. Under the stewardship of CEO Satya Nadella Microsoft has pursued its cloud strategy very effectively. Office 365 is akin to the jewel in the crown as it is now the single most popular enterprise cloud service, and is reckoned to be used by one in five employees.

The reason, with which many that use O365 will agree, is that it is quite simply an outstanding product. From the perspective of many users and IT department’s it just works, and it performs very well while reducing support and administrative requirements.

If we had to identify one aspect that really does make a difference it is putting Outlook email into the cloud. Just ask anyone that has had to manage, backup and restore the Mail Store of an on-premise Microsoft Exchange server how much anxiety is attached to the dreaded call to support that says: “Email has gone down.”

Cybercriminals targeting Office 365 users

As with any successful product there are those that try to exploit and cash in by piggy-backing on its popularity. Cybercriminals are targeting Office 365 users with malware customised to get through Office 365’s built-in security tools.

One good example is the ransomware known as Cerber. This has been around for most of 2016, but this summer a zero-day attack (the first observed use case) saw a Cerber variant specifically written to bypass the Office 365 platform’s defences.

Avanan, a US cloud security provider, estimated that roughly 57 percent of organisations using Office 365 received at least one copy of the malware into one of their mailboxes during the attack. Deploying a best in class cloud email security product like Mimecast may be effective, however, top-rated security tools are not a replacement for best practice and the use of common sense by email users.

Email security best practice from Paralogic

It is important to educate and remind users of some basic rules because you simply cannot afford to let complacency take hold when it comes to security best practice.

Paralogic recommends users follow two key time tested rules of email security best practice.

  • Not opening email
    • Don’t open email from people you don’t know or messages you are not expecting.
    • If you get an odd message from someone you know, treat it with suspicion because it may have come from an infected user’s account.
    • If curiosity gets the better of you and you open such a message, do not under any circumstances open attachments or click links in such emails.
  • Avoid .EXE files 
    • Best policy is to block all email activity related to .EXE files; use workarounds such as password protected ZIP file containers if you must use them.

We help over 1000 businesses and have assisted many with Office 365 Migration. To find out more about how we can help you to get more out of your investment in business technology simply get in touch today.

Click here to download our FREE ‘Client security briefing: Defending the ransomware threat’.

Click here to see the article ‘Cerber Strikes With Office 365 Zero-Day Attacks’ at information security website Dark Reading.

Click here to see ‘Widespread Attack on Office 365 Corporate Users with Zero-day Ransomware Virus’ at

Do you want some free, Strategic IT support?

Get started with a free one hour IT consultation. Discover the latest technology and discuss your current and future IT requirements.

Talk to us ›