Exchange Online Protection Getting Security Enhancements
Microsoft provided an update today about its future Exchange Online Protection plans.
The Exchange Online Protection team has begun work on enhancing the solution, which is used to protect against spam and malware. Exchange Online Protection is a service that can be used with Exchange Online as part of Office 365 subscriptions, or it can be used with premises-based Exchange Server deployments.
The new Exchange Online Protection enhancements to come are expected to arrive in the next six months to 12 months, according to Microsoft's announcement. The announcement listed those improvements as follows:
- Advanced threat protection, such as "Time of Click" and "Zero-day" protection.
- Strengthened coverage against malicious URLs.
- Implementation of key sender authentication technologies, such as DKIM and DMARC.
- Improved protection against bulk mail.
- Detailed reporting and message-tracking enhancements.
- Message Quarantine enhancements.
- Continued expansion of EOP datacenters across different regions, further substantiating our promise of processing mail in the region of our customers.
The last bullet point underscores Microsoft's sensitivity to European Union legal requirements of having local protections in place for data. Ensuring global trust is a key element for Microsoft in jumpstarting its cloud computing services, although achieving that goal hasn't always gone so well for the U.S.-based company. For instance, Microsoft currently is battling a U.S. government request to access data stored in its datacenter in Dublin, Ireland. It's also called for an international legal framework to clarify such government requests for data in the future.
Microsoft's future updates to Exchange Online Protection will get rolled out "on a continuous basis" in accord with the Office 365 release cycle, so it's unclear exactly when the improvements will arrive. Improvements are listed and can be tracked using Microsoft's Office 365 roadmap page.
Exchange Online Protection uses filters against phishing campaigns and bulk e-mail distributions. It also blocks e-mails coming from URLs with low reputations or low sender reputations. The service will block messages based on their content, headers and language, as well as internal URLs and attachments. It also has the capacity to use three antimalware engines to ward off malware and viruses.
IT pros can fine tune the Exchange Online Protection service's filters. They can control for bulk e-mails or international spam. Configuration options are described in this Microsoft article.
Exchange Online Protection replaced Microsoft's earlier Forefront Online Protection for Exchange product. Microsoft announced a product name change about two years ago.
Kurt Mackie is senior news producer for the 1105 Enterprise Computing Group.