Securing collaboration platforms with an innovative approach
iQ.Suite 360 can overcome the limitations of Microsoft Defender
In the previous part of our series on protection of collaboration platforms, we presented the functionalities integrated in Office 365 that Microsoft offers. In this article, we will reveal how the limitations of these capabilities can be overcome with the solution iQ.Suite 360.
The functionality we addressed previously is the solution Microsoft Defender for Office 365, which can also provide protection for files uploaded to SharePoint Online, OneDrive for Business or Microsoft Teams, among others.
Using Microsoft Defender for this protection is a good choice. Nevertheless, it may not be the best solution for every company and situation. In fact, Microsoft recommends that companies should set up anti-malware protection at different levels for the optimal protection of the company infrastructure. See Built-in virus protection in SharePoint Online, OneDrive, and Microsoft Teams
Limitations of the protection with Microsoft Defender for Office 365
With Microsoft Defender, detected malicious files remain where they are stored. However, this can lead to problems because users do not recognize the additional risk detection system or simply overlook it in stressful situations. In that case, if no policy is set up to prevent opening or downloading, this can lead to an infection of the local computer. It is therefore recommended to move the malicious file directly to a quarantine with restricted access. This way, the user is no longer able to download a malicious file. The user who uploaded the file should be notified by e-mail about the potential threat and the moving to quarantine.
Furthermore, it is important that the threat posed by a file is detected at an early stage. With Microsoft Defender, only files that heuristics identify as a potential risk are checked by the built-in malware scanner. Moreover, this check is carried out asynchronously and not immediately after the file has been uploaded.
Alternative approach with iQ.Suite 360
With iQ.Suite 360, GBS offers an alternative or complementary solution that overcomes the aforementioned limitations for SharePoint Online, OneDrive for Business and Microsoft Teams. With this solution, every file that poses a potential threat is moved to a quarantine library (SharePoint, Microsoft Teams) or a quarantine folder (OneDrive) with restricted access. In addition, the administrator can choose when the scan should take place.
With iQ.Suite 360, a real-time scan can be activated that checks each file immediately after it has been uploaded. This scan type, also called online scan, can be set very granularly for all SharePoint document libraries or all Teams channels. The administrator can also activate the online scan only for certain document libraries, channels or users.
A scheduled scan can be performed for the other libraries, channels or users. For example, it is possible to scan certain libraries, where files are only uploaded from computers protected by the corporate infrastructure, only once a day. Additionally, there is also on-demand scan, with which the administrator can scan new files in specific document libraries or channels, or from users (OneDrive) at any time.
Support for common malware protection systems
Another advantage of iQ.Suite 360 over Microsoft Defender for Office 365 is that the administrator can choose between four scanners. These include malware scanners from Avira, Kaspersky, McAfee and Sophos that are widely available on the market. It is even possible to use more than one scanner at the same time for better protection. In this case, the files are scanned by all selected scanners.
Using scanners from multiple vendors can also minimize zero-day threats. A zero-day threat is a new type of threat that has been identified, but the scanner manufacturers are still in the process of providing detection. This can take different amounts of time depending on the manufacturer. As soon as a threat is detected, the administrator can see which scanner has reported which type of threat.
If you want to learn more aboutiQ.Suite 360 for the protection of collaboration platforms, such as SharePoint Online, OneDrive for Business or Microsoft Teams, register for our free webinar or simply contact us directly!
Author: Dr. Rolf Kremer