Office 365’s user count exceeded 155 million in 2018. While this rise in popularity is a testament to the suite’s success, Office 365 hasn’t come without its security concerns.
Studies have revealed that 75.5% of all Microsoft Office 365 apps store highly sensitive information such as social security numbers, passwords, credit card numbers, and more. Clearly, MSPs must find a way to protect their clients’ data or risk losing their business.
Office Protect: A security option designed for SMBs
Office 365 security is like an insurance policy: You don’t think you need it until you actually do. Unfortunately, when it comes to security, MSPs face an uphill battle in convincing small-to-medium-size businesses (SMBs) that they need strict policies to protect their information.
Due to their already limited resources, SMBs are especially reluctant to allocate a portion of their budget towards security. Whereas larger businesses can afford to pay IT teams to monitor and maintain their systems around the clock on premises, SMBs are entirely dependent on MSPs and the services that they provide.
Moreover, while Office 365’s Enterprise versions (E1, E3, and E5) come with additional security features, these are usually inaccessible to SMBs due to budgetary constraints. Thus, SMBs are unable to take advantage of existing solutions within Office 365 to protect their data.
It’s because of these reasons that SherWeb created Office Protect: an affordable, comprehensive security solution that MSPs can use to bridge the gap between SMBs and their larger counterparts.
How does Office Protect work?
Office Protect does exactly what you’d expect: It protects Office 365 users and their data. It’s a solution designed to assist MSPs in managing their clients’ security needs within the Office 365 environment.
With Office Protect, MSPs can stay on top of their clients’ security events and reports without having to go through the ordeal of shuffling through multiple security settings or apps. Not only does this save time, but it also allows MSPs to stay abreast of the latest security-related developments.
On its own, even the basic version of Office 365 consists of several security features and settings that are designed to keep user data safe. The problem lies in the time and knowledge it takes to competently manage those security settings. Thus, many users remain unaware of the options available to them.
To address this issue, SherWeb streamlined the process by grouping all Office 365 security settings under one dedicated dashboard. This allows you to raise your clients’ baseline security considerably for a low cost.
As mentioned earlier, SMBs comprise a cost-sensitive target audience. When discussing security options with them, trying to up-sell Enterprise versions or third-party applications is futile.
While higher-end security solutions are not the answer, SMBs cannot continue to operate without some level of security or protection. At a time when data is the main catalyst for growth, having some form of security is essential, not merely a luxury.
With Office Protect, you can gracefully slip security into the conversation as part of your core Office 365 offering. And while it’s relevant to any organization, Office Protect is particularly designed for users who do not have any compliance or regulatory requirements and who are looking for affordable security options.
Office Protect: What’s in it for clients?
Office Protect is designed to enable MSPs to provide maximum security to Office 365 users. Its interactive, user-friendly interface lets you add tenants while also overseeing activities within the client’s account.
However, an important point worth noting is that while Office Protect can actually implement some settings when configured—such as blocking emails that that have potentially harmful file extensions in their attachments—this is not its main function. Rather, Office Protect is designed first and foremost to provide a comprehensive history of security-related events and monitor all such events to notify MSPs of anything that’s worth investigating.
Office Protect can identify and flag unusual security events that would otherwise go unnoticed, but how to resolve such issues is at the discretion of either the MSP or the client.
Let’s take a look at some of the key Office Protect features and their details.
This is the control room of your Office Protect service, providing a bird’s-eye view of every activity that has taken place in a client’s Office 365 account.
The dashboard provides a comprehensive overview of several important features, including:
- The number of security-related events that take place on a per-day
- The last time Office Protect ran a security check
- The number of users protected under your Office Protect service
- The date when the next weekly security-related report (Digest) will be sent
- The number of security alerts that have been configured
- A list of the most recently reported security events
- The security setting profile that you are currently running
As the name implies, the Settings option allows users to analyze and modify individual settings for each account associated with Office 365.It’s worth emphasizing that while Office Protect can take action in response to certain security events, it ultimately gives MSPs and their clients the final say in what happens and to investigate those issues however they see fit.
These settings, which are otherwise scattered across Office 365, are now presented to you in an organized, simple manner.
SherWeb has gone a step further and created pre-defined profiles that feature settings unique to certain security levels. Here are the profiles you can select:
1. Low user impact
This profile was created for those who want just enough security in place that it doesn’t impact the end-user experience in Office 365.
2. Recommended best practices
Before we get on with the details, it’s important to note that the settings in this category are based on our research and experience. The best settings for every business differ with their niche, size, and other factors.
These settings are the midpoint of the two extremes. They include a number of security options that impact how users operate Office 365, but not by a wide margin.
3. Max security
This is for clients who operate in an industry prone to security issues; it basically locks down most of the settings that Microsoft has left open by default. This has a major impact on how users can use Office 365. But, on the flip side, it reduces most of the vulnerabilities in Office 365.
4. Custom profile
While SherWeb researched its clients and analyzed different behaviors and industries before creating pre-defined profiles, our clients still have the option to customize their settings. Once you’ve picked any profile, just click Apply, and you’re all set.
The Monitor pane is dedicated to the analysis, review, and configuration of any threats that can affect your Office 365 account.
There are various trigger events that can be customized to send immediate alerts to the client. For example, a client may wish to receive a notification when there’s a change in the administrator role. These can also be set up to be sent as part of the weekly digest so that you can periodically review account events that take place.
This is a significant improvement over the complicated Audit Logs of Microsoft Office 365, which track every single activity in a disorganized user interface. In short, SherWeb has hand-picked relevant alerts that are the most important for our clients.
Sherweb’s Office Protect is continuously updated with newer security-related events and triggers to look out for, so MSPs are always at the forefront of every event that may potentially compromise the suite’s security.
Additionally, as an MSP, you can configure the system to send alerts to your email while your client receives the weekly digest. This way, you can ensure that your client is always in the loop without being overwhelmed by all the real-time alerts.
Once you’ve monitored and administered every event, you’ll need additional information to help you make relevant decisions about your client’s security.
Here are some questions that are answered under the Reporting tab:
- When did the event occur?
- What were the details of the event?
- Where in Office 365 did the event occur?
- Which users were involved?
- What was the source of the event, and how did it get reported?
Additionally, MSPs have the option to filter reports by Office 365 users or events and send filtered, specific reports to clients. If you want, you can even export the file to a CSV.
Ready to get started?
If you have a hard time convincing your SMB clients of the need for security features, consider positioning Office Protect as an affordable solution designed specifically to address their problems. With Office Protect, you can provide significant value for just $2 USD per Office 365 seat.
Once your clients recognize the importance and benefits of increasing their baseline security, they’ll be more likely to contact you for higher grade protection, paving the way for future conversions. Contact us today for more information on how office protect can help your business.