Additional Security for Microsoft O365

This article describes the impact of additional security software that has been added to Glow to further protect users’ devices and data whilst using O365.

This additional security software works alongside a wide range of existing measures that have been taken to ensure Glow is appropriate for its intended use.

Microsoft O365 Email

Spam and malware which can be received through email can cause a number of issues such as accessing data and information without you knowing or infecting your device with a virus to cause damage. Glow’s approach will always try to protect users from such dangers.

Malware

We want to ensure our users are as protected as possible from spam and malware so the additional security tools within Glow will automatically delete specific emails sent in to O365 if they are known to contain spam or malware – code that presents a risk to your device or your data. Examples of content that is automatically deleted are:

  • Phishing – the sender is trying to get you to tell them information to access an important account e.g. your bank’s username and password.
  • Ransomware – the sender is trying to infect your device and deny access to data or services until money is paid.
  • Malicious Spam – other means where the sender is trying to get information from you they are not entitled to.
  • Virus – the email is trying to get code on to your device for a range of possible reasons.
  • Worms/Trojans – if these get on to your device then they can cause damage in a number of ways such as allowing hackers access to your device.
  • Spyware/Greyware – this is a way that hackers can access data from your device and send it back to themselves without you knowing. This can also include adware and other malicious code.

Junk Email

If an email is received that is believed to contain spam that is a lower risk than those outlined above then it is automatically passed to the user’s Junk Email folder. The contents of the Junk Email folder can be reviewed at any time.

Unsafe File Types

Some file types are not allowed to be attached to emails as they present a high risk of having inappropriate code within them. If any of the following files are attached then they will be automatically replaced with a text file explaining why the file has been removed. File types covered by this are:

  • Executable and linking format files
  • JAVA applets
  • Windows Shell Links
  • Windows Installer Package

Further Checks

Automated checks of emails and attachments will occur where they are considered to be a potential risk, but the nature of the risk is unclear.  When this takes place, and the emails or attachments are then found to be high or medium risk, then the email or attachment will be automatically deleted. If the email or attachment is found to be a  lower risk, but still a threat, then you will see the email being tagged in the subject with a warning – “Be careful of links or attachments in this email”

 

Microsoft SharePoint and OneDrive

Malware

There will be automated checks of files uploaded in both OneDrive and SharePoint when they are uploaded or accessed and if they contain inappropriate content they will be removed and replaced with a text file explaining what has happened. This is again an entirely automatic process and files cannot be retrieved. Files will be deleted if they contain:

  • Virus
  • Worms/Trojans
  • Packed Files
  • Other Malicous Code
  • Spyware/Greyware
  • Ransomware

For definitions of the above see the previous section on email.

File Types

OneDrive and SharePoint do not block the file types that are blocked in email. This is because there are often valid reasons for storing such files in Glow. You should always be careful of files such as .exe files and only use them if you trust from where you have received them.

Further Checks

The automated checks of files will take place, this will be where they are considered to be a risk but the nature of the risk is unclear. When this takes place and the files are then found to be high or medium risk then the files will be automatically deleted and a replacement file will be inserted explaining what has happened. Lower risk files will be allowed on to Glow.