Why Local Government Should Consider Third-Party Expertise to Manage Office 365 Cyber Risk

by Simon Edwards

Local government in the UK is increasingly encouraged to migrate to the cloud to drive efficiencies and improve agility and productivity while minimising costs. Office 365 is an obvious choice here, especially as Microsoft is changing its discount structure to encourage greater take-up. But there’s still a great deal of uncertainty and anxiety in the sector around cloud infrastructure, especially cybersecurity concerns.

That’s why Trend Micro has developed a new white paper for local government IT managers. It explains how working with trusted third-party providers can enhance existing protections in Office 365 and minimise risk as organisations transition away from GSI secure email.

Pros and cons
There’s no doubt Office 365 holds many benefits over on-premise software. Trend Micro research outlined in the report reveals just a few: improved user productivity through anywhere, anytime access; a reduction in IT infrastructure overheads; predictable, fixed costs; and agility in being able to scale licenses up and down. That’s not to mention the financial benefits of migrating thanks to the government securing preferential pricing from Microsoft.

Yet understandable concerns persist among local authorities around taking this leap into the unknown. There’s uncertainty around how best to deploy Office 365. IT managers want to know whether to migrate in phases, and what apps and security protection is available with the various licensing options. Raising the stakes even further is the planned migration from the GSI-family of email domains that the government has been using for over 20 years. The idea is to hand more flexibility and commercial control to local authorities and departments, but it also raises the stakes for email security.

Email remains the number one vector for cyber-threats, according to Trend Micro research. We blocked over 66.4 billion threats last year of which over 85% were emails containing malicious content. Phishing remains one of the most popular ways to spread malicious code including ransomware and harvest credentials en route to sensitive data exfiltration.

It’s not all about external threats, however, as email is also a major source of accidental data leakage. Data emailed to incorrect recipients and failure to use BCC are among the most common mistakes leading to incidents reported to the ICO.

Help from the experts
With these concerns in mind, our latest white paper looks to cut through the noise with some expert guidance from the National Cyber Security Centre (NCSC) on secure implementation of Office 365. Microsoft has done a great job overall of building in protections and controls. However, we’ve also outlined where there may be gaps you need to fill to ensure the product meets strict government requirements in areas like email security, archiving, eDiscovery, disaster recovery and backup.

For example, Trend Micro™ Cloud App Security™ has stopped six million high-risk threats that weren’t detected by Microsoft over the past two years. Our offering provides state-of-the-art threat and data protection for Office 365, including email, SharePoint and OneDrive. Among other things there are advanced features like pre-execution machine learning, document exploit detection and behaviour analysis to spot threats like ransomware, Business Email Compromise (BEC) and more that may otherwise go unnoticed.

To find out more read our white paper, Office 365 in Local Government: Enhancing Built-in Protection with Third-Party Security.

Trend Micro’s hugely popular CLOUDSEC conference is back for 2018, offering you a chance to hear from some of the leading figures in cybersecurity, get the latest on industry trends and emerging threats, and network with peers. Places are limited so book your spot today.

What: CLOUDSEC 2018
When: Tuesday 4 September
Where: Park Plaza Westminster Bridge, London

Leave a Reply

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.