Making Office 365 More Secure With Aperture

By: Tim Cullen

Aperture adds another layer of protection to Microsoft’s cloud-based platform

The protection built in to Microsoft’s Office 365 makes it a secure force to be reckoned with. But what if you could make it even more airtight? Now you can.

One of the most common reasons organizations move to a software-as-a-service (SaaS) application like Office 365 is because they hire external collaborators, as well as their own mobile employees. And anybody on the outside presents a security risk.

You can never have enough protection.

Doesn’t Microsoft already provide enough built-in security? Yes, for many things. Not entirely for every scenario, however.

Microsoft puts out a lot of effort to protect your data, but it has a different goal for protection than you do. Microsoft wants to protect the cloud infrastructure itself, and its top priority is breach prevention. In contrast, you are more interested in data protection.

Office 365 gives you two important protective measures for cloud infrastructure:
1. It encrypts your data in the cloud.
2. It then puts encryption on the connections the data passes through.
Data at rest (in the cloud) is encrypted. The data in motion to clients is encrypted. Pretty safe, huh?

Yes. But you can make it even safer.

Here’s where you can beef up Microsoft’s encryption protection. An external collaborator – or even one of your connected remote workers – could theoretically insert a piece of malware into a file and send it to your Microsoft OneDrive. Depending on how your network is set up, that malware could traverse through the network and impact users at the other end.

Or, if someone changes the way a file is shared, they can expose rights and data to the wrong person. Unauthorized users can then take advantage of this exposure. Microsoft does not offer a high level of protection in this area.

Bring in advanced threat protection.

Aperture, another SaaS product that lives in the cloud, fills in these protection gaps. It is able to look for suspicious user behavior and detect violations of how data is supposed to be shared. Aperture can also look for malware. How?

It connects to another Palo Alto Networks product called Wildfire, aka Aperture’s threat intelligence cloud. Aperture looks for known threats; if it finds one, it prevents the threat from being able to propagate. But if it’s an unknown threat, Aperture sends it to Wildfire. If Wildfire identifies it as a threat, this information is shared immediately across your organization’s network.

NOTE: For companies that do not have Palo Alto in their enterprise today, they can still take advantage of the Aperture security license.

To visualize how a solution like Aperture works, check out this lightboard video. It puts this unique SaaS protection into perspective.


For more information on Aperture, Wildfire, or any of the security considerations of operating in the cloud with Office 365, give our MessageOps team a call at 877-788-1617 or fill out our online contact form today.


A Look at Cisco Hyperconvergance 2.0 and HyperFlex - The Next Generation Data Center


Microsoft Steps into the Spotlight at Open Source DevNation 2016