Executive Summary

Office 365 is a robust and capable cloud service that does a wide variety of things for a mass-market audience and provides useful security, compliance, productivity and data protection capabilities. In the areas of data protection and security, it can be argued that Microsoft has done more to protect user data than any other SaaS provider. It is also true that third-party companies that specialize in these areas can perhaps provide even more protection for Office 365 data.

Furthermore, the use of third-party solutions will often enable the use of less expensive Office 365 plans, as well as a reduction in the use of storage beyond the initial allotment provided in a given plan, resulting in a total cost of ownership that can be lower than if only more expensive Office 365 plans are used. For example, based on just list prices, the use of Office 365 Enterprise Plan E3 will save an organization $15.00 per user per month compared to the use of Enterprise Plan E5, a total savings of 43 percent. There are several security, data protection and archiving services that could be combined from various third party solutions to supplement the native capabilities in Office 365 for less than $15.00 per user per month, resulting in a net savings relative to the cost of Plan E5.

Office 365 Has Been Successful

Microsoft has been pursuing “cloud” offerings for many years, starting with hosted Exchange in the late 1990s, followed by BPOS, and now Office 365. In this third iteration, Microsoft has clearly hit its stride: as of October 2018, Microsoft reported 155 million customers for the platform, up from just 60 million just under three years earlier. In short:

  • Office 365 offers a number of useful capabilities
    Office 365 includes business-grade email, desktop productivity capabilities, file sync-and-share, collaboration tools, voice communications, instant messaging and a range of other capabilities in a variety of packages at different price points. Microsoft has tailored its offerings to a wide range of customers and offers services aimed at specific industries.
  • It’s becoming the dominant business platform
    Microsoft, as a “cloud-first” vendor, has been making a concerted push to move its customers of on-premises solutions to the cloud, with the result that most Microsoft business email customers are now using Office 365 and not onpremises Exchange. While Microsoft has dominated the on-premises email market for many years, it is now doing so to an even greater extent in the cloud.
  • Microsoft has done a good job at providing a good set of solutions
    Overall, Microsoft has done quite a good job at assembling a wide range of solutions for a broad audience, and has provided decent security, archiving, encryption, data protection and other capabilities to support them.


Despite the appeal and utility of Office 365, there are some areas of functionality where things can be improved:

Malware protection
Most organizations that use Office 365 rely on the basic security that is offered natively in the platform. For those using a version of Office 365 with the more capable Microsoft Advanced Threat Protection (ATP), security is better, but it does have some limitations. For example:

  • The only way to get a consolidated view of threats is to use Cloud App security, which is available only in the Plan E5 subscription.
  • The spam quarantine does not share information with users on how many similar messages were received with a similar subject line and sender by other users in the organization. A higher number might signal the likelihood that the message is spam or a phishing attempt. This intelligence could help users make more informed decisions about the likelihood that a message might be carrying malicious content.
  • Safe Attachments uses virtual sandboxing to assess the presence of malware and other threats in a document. This approach is not effective against certain types of threats like password-protected ransomware sent with the password in the body of the email. Competitive offerings go beyond sandboxing on virtual machines, and include the next-generation of advanced detection mechanisms, such as deep content inspection, recursive analysis of embedded documents, evaluation of threats below the application and operating system levels, identification of dormant code, sandboxing on controlled physical machines to analyze for malware that evades virtual sandboxing detonation, and more. Microsoft’s ATP is not on par with some best-in-class, advanced, third party offerings on the market.

To read full download the whitepaper:
Filling the Gaps in Office 365 Data Protection