Blog

Why We're Using Advanced Threat Analytics

Why We're Using Advanced Threat Analytics

04/07/2016

Advanced Threat AnalyticsIf you spend any time around us (or reading our blog!), you'll hear us talk about security. Security is so critical to us because it transcends the idea of our job as your IT solution provider.  It actually starts with you – the end user – who is interacting with data on a day to day basis.

One of our favorite new features, designed specifically to help you as the end user, is Advanced Threat Analytics from Microsoft.  This is available as an add-on to existing Office 365 subscriptions or as a stand alone license.

What is Advanced Threat Analytics?

Advanced Threat Analytics (ATA) is a service added to Office 365 to detect suspicious activity and prevent malicious attacks from hitting your network. It combines the typical ‘analysis’ that happens with security products (such as anti-virus) with machine learning - meaning that over time, it actually gets smarter. 

You’ve probably heard a lot about artificial intelligence (AI) in the last few months and while this isn’t technically AI, it does analyze the behavior of a company (or user) over time to determine what is normal vs irregular.  By knowing what is normal versus irregular behavior, ATA can help identify potential security issues earlier in the process.

Why We Love It 

While the machine learning stuff is cool, the reason we're loving ATA so far is what it does to protect you at one of your most vulnerable points - email.

The most common way malware spreads in organizations today is via email.  Most commonly, this is done via links embedded in emails that look legitimate or via attachments.  This service adds a layer of protection for each:

Safe Links:  Safe Links scans inbound emails to make sure that the links that are shown in the email are actually redirecting users to the places where they need to go.  If the links are unsafe, they are removed from the email before being sent to the recipient.

Safe Attachments:  Safe Attachments actually opens unknown file types in an environment separate from your environment to detect potentially malicious activity.  If the attachment is unsafe, the message is delivered to the recipient without the attachment.  This is especially useful since a very large percentage of malware/ransomware is delivered via malicious attachments (most commonly documents and PDFs).

ATA blocked 8 malicious files from entering our organization in less than two weeks after implementation - pretty good when you consider we already have a pretty restrictive rule in place about what kind of files can enter our organization.

We've already started contacting our current customers about implementing ATA - if you'd like to jump the line, please let us know!Sign Up for Our Newsletter

   
New Call-to-action

Posts by Topic

see all