Skip to main content

Microsoft gives Office365 greater protection, but at a cost

Office365 is already protected from Spam, viruses and malware with Exchange Online Protection (EOP).

Microsoft, with the justification that hackers and other groups are becoming increasingly sophisticated, has announced through a blog the introduction of ATP (Advanced Threat Protection) for Office365.

The solution is available now in private preview and will be fully available to commercial customers in the summer of 2015. There is an additional cost though of $2 per user per month for commercial customers and $1.75 per user per month for most public sector organisations including non profit, government and education.

Customers who use the Exchange Online protection for their on premises Exchange solution can also take advantage of the new functionality.

With Microsoft charging for this additional services rather than merely upgrading EOP with the functionality one wonders how they justify this. It could be said that the Exchange Online Protection only protects you so far and then it costs a little more to get greater protection, is this just a back door method to increase the pricing of Exchange online and increase revenues?

To justify the additional cost Microsoft has listed three benefits of the new solution:

  1. Protection against unknown malware and viruses - Today EOP employs a robust and layered anti-virus protection powered with three different engines against known malware and viruses. ATP extends this protection through a feature called Safe Attachments, which protects against unknown malware and viruses, and provides better zero-day protection to safeguard your messaging system. All messages and attachments that don’t have a known virus/malware signature are routed to a special hypervisor environment, where a behaviour analysis is performed using a variety of machine learning and analysis techniques to detect malicious intent. If no suspicious activity is detected, the message is released for delivery to the mailbox.
  2. Real time, time-of-click protection against malicious URLs - EOP scans each message in transit in Office 365 and provides time of delivery protection, blocking any malicious hyperlinks in a message. But attackers sometimes try to hide malicious URLs with seemingly safe links that are redirected to unsafe sites by a forwarding service after the message has been received. ATP’s Safe Links feature proactively protects your users if they click such a link. That protection remains every time they click the link, as malicious links are dynamically blocked while good links can be accessed.
  3. Rich reporting and URL trace capabilities - ATP also offers rich reporting and tracking capabilities, so you can gain critical insights into who is getting targeted in your organisation and the category of attacks you are facing. Reporting and message tracing allows you to investigate messages that have been blocked due to an unknown virus or malware, while the URL trace capability allows you to track individual malicious links in the messages that have been clicked.

Of these new features, only the third seems to really be justified in warrantying extra costs. Most commercial companies would expect the first two to be a natural improvement path for the EOP solution.

One wonders if this is a sign of things to come, Microsoft is aiming for an evergreen approach to upgrades, always providing the latest solution.

The intention of a SaaS solution is that the rental of the software should replace licensing and fund all upgrades, it does seem as though Microsoft is looking at charge for what seems to be merely upgrades to existing software in this case though.