Skip to main content

Top 4 Email Security Tips for Office 365 Administrators

By November 19, 2015June 14th, 2017Blog

If your organization has implemented Office 365, you’ve probably already developed some strong opinions—whether negative or positive—about the cloud services platform. Whatever your stance, you would probably agree that its email security could be a bit tighter and more intuitive, especially against spam and phishing attempts.

Like most Microsoft products, Office 365 is going to require some tweaking to get the security where you need it to be. Luckily, beyond your typical email filtering techniques, Office 365 also includes room for tools and apps that can improve visibility into your company’s email security.

Here, we take a look at four of the top email security tips for today’s Office 365 administrators:

1. Fine-tune your mail filtering.

Much like Outlook, Office 365 provides multiple ways to customize email security filtering for your own organization. You can change the default spam-filter policy for your entire organization in order to tighten the criteria for a malicious message. You can also filter out varying amounts of bulk mail, which greatly helps to reduce incoming spam.

The Exchange admin center gives you the option to move all spam messages to the junk email folder, or delete or quarantine messages that are flagged as spam. You can even have suspicious emails delivered with X-header text or direct them to a secondary email address that users can regularly check for false positives.

In addition, you can build lists of known senders and spammers so that messages sent from specific IP address are automatically treated accordingly. On the International Spam page, you can choose to filter emails that are written in certain languages or sent from specific countries or regions. This helps to do away with a lot of international spam, especially if your company does not do a lot of communicating with non-U.S. entities.

2. Keep an eye on overall email activity.

An Excel plug-in called Mail Protection Reports will enable you to track data and automatically create spreadsheets about your organization’s email activity in Office 365. You’re required to have Excel 2013 to make this work, but the tool can be useful for keeping an eye on things like inbound spam levels, top 10 senders and recipients, and more. This level of visibility can be invaluable when assessing the email security risks facing your company—and what steps might help improve your level of protection.

3. Scan for problems.

Microsoft offers several downloadable tools that will scan your Office 365 email to find any potential problems that are leaving you vulnerable. This can be particularly helpful when working to seamlessly connect Outlook and Office 365. And if any problems are found, you can use Microsoft’s Hybrid Environment Troubleshooter to determine your next steps.

4. Introduce additional layers of email security.

For many companies, the antivirus and spam detection tools included with Office 365 may still leave users vulnerable to spam, malware and other schemes. Restricting bulk email can lead to false positives, while redirecting spam can open you up to user error. And Microsoft’s approach to whitelisting doesn’t take into account phishing and spear-phishing, which are becoming increasingly common.

Regardless of the size of your company, it’s wise to add additional layers of security to your Office 365 platform, especially as email security threats continue to evolve. Seek out a solution that includes layers of protection, such as sender address verification, antivirus, malware protection and individual user communities, all of which can work together to detect nearly every type of spam and unwanted mail.

Your organization requires the highest level of protection from spam and bulk mail. But IT shouldn’t be stuck continually tweaking bulk email settings and maintaining junk email filter list files. Instead, opt for a comprehensive email security solution that is both flexible and intuitive. Learn more about Sendio’s Opt-Inbox™.