Microsoft Adds Another Layer of Protection to Exchange Online

A bulletproof inbox? Beyond spam and phishing, Microsoft seeks to protect email users from zero-day threats and malicious yet stealthy URLs.

email security

Office 365 customers can already block spam, phishing scams and emails that contain malware with Microsoft's cloud-based Exchange Online Protection offering for $1 per user per month. Hackers, meanwhile, are growing craftier, and inboxes are under assault from more sophisticated attacks, according to Shobhit Sahay, technical product manager for Microsoft Office 365.

Microsoft's answer is Exchange Online Advanced Threat Protection (ATP), which is currently in preview and is scheduled for release this summer. The product is "a new email filtering service that provides additional protection against specific types of advanced threats," revealed Sahay in a company blog post.

Those threats include unknown viruses and malicious URLs masquerading as harmless Websites.

Currently, Exchange Online Protection guards against known viruses and malware with three detection engines, noted Sahay. Soon, organizations will be able to add another layer of protection that seeks out zero-day threats called Safe Attachments.

Messages that arrive at inboxes protected by Exchange Online ATP are evaluated in an advanced virtualized setup hosted by Microsoft. "All messages and attachments that don't have a known virus/malware signature are routed to a special hypervisor environment, where a behavior analysis is performed using a variety of machine learning and analysis techniques to detect malicious intent," Sahay explained. "If no suspicious activity is detected, the message is released for delivery to the mailbox."

Email security is just one of many areas to which the Redmond, Wash., software maker is applying its machine learning research. The technology is being used for the company's Bing search engine, its Cortana digital assistant and, of course, its Azure Machine Learning product for big data analytics in the cloud.

Another new feature, Safe Links, detects URLs that masquerade as legitimate links and redirect unknowing users to risky sites. "ATP's Safe Links feature proactively protects your users if they click such a link. That protection remains every time they click the link, as malicious links are dynamically blocked while good links can be accessed," Sahay said.

Finally, ATP offers IT security researchers and personnel tools to help them unmask who is trying to compromise their organization's data security. New reporting and tracking features enable users to "gain critical insights into who is getting targeted in your organization and the category of attacks you are facing," he stated. "Reporting and message tracing allows you to investigate messages that have been blocked due to an unknown virus or malware, while the URL trace capability allows you to track individual malicious links in the messages that have been clicked."

Exchange Online ATP will cost $2 per user per month for Office 365 commercial customers. Government pricing will be $1.75 per user per month.

Businesses have been stepping up their email security efforts over the years as spam and phishing attempts have evolved from time- and resource-consuming nuisances to the opening salvos of costly data breaches.

Last month, PhishMe announced that it had raised $13 million from venture capital firms to help enterprises keep their users safe from phishing scams. PhishMe's approach involves changing employee behavior with bite-sized online training programs.

Pedro Hernandez

Pedro Hernandez

Pedro Hernandez is a contributor to eWEEK and the IT Business Edge Network, the network for technology professionals. Previously, he served as a managing editor for the network of...