The Crucial Role of M365 Mailbox Security in Compliance Standards

Cybersecurity compliance frameworks aren’t just a concern for specific industries— they are a foundational shield recommended for all companies. Most cyber threats target end user mailboxes. As these attacks escalate in number and severity, organizations are increasingly expected to adhere to security compliance frameworks.

For MSPs, managing M365 security is at the core of these compliance standards. Let’s explore why mailbox security matters, the challenges faced by IT administrators, and how SkyKick Security Manager helps MSPs protect the mailboxes of the world.

Why Mailbox Security Matters

Cyber Threats Increasing in Number and Sophistication

In 2023, cyberattacks surged by 400%, becoming more sophisticated. Businesses worldwide expect each other to comply with security standards. However, only 20% of businesses have achieved any compliance standing, despite the intent to become compliant. This gap presents an opportunity for MSPs to step in and address this vulnerability.

9 out of 10 cyber-attacks start with a phishing email, and 50% of all malware is delivered via email. So mailbox protection is one of the vital ways MSPs and cyber-security professionals prevent end users from falling victim to bad actors.

Compliance Frameworks Require Mailbox Protection

Numerous compliance frameworks shape the international security landscape. Each contains recommendations and requirements regarding mailbox security.

While the requirements may be dynamic, there is a large amount of foundational commonality.  

  • CIS (Center for Internet Security): The CIS recommends securing mailboxes by implementing strong access controls, regular monitoring, and encryption to protect sensitive information.1
  • NCSC (National Cyber Security Centre): NCSC emphasizes secure configuration of email systems, including proper access controls, encryption, and regular patching to prevent unauthorized access to mailboxes.
  • Essential 8: Advises organizations to secure mailboxes by using strong authentication methods, implementing spam filters, and regularly updating email software to prevent phishing attacks and unauthorized access.2
  • GDPR (General Data Protection Regulation): GDPR doesn’t specifically outline mailbox security recommendations, but it emphasizes protecting personal data, which includes securing email communications and access to mailboxes.
  • NIST (National Institute of Standards and Technology): NIST’s SP 800-45 Version 2 provides detailed guidelines for securing email systems, including securing mail server applications, protecting messages in transit, and securing access to mailboxes.2

Remember that these recommendations may vary based on the specific context and requirements of an organization. But commonalities include:

  • Securing access to mailboxes (MFA, Conditional Access Policies, etc)
  • Anti-Phishing & Spam Filtering
  • Regular ongoing monitoring

So how do MSPs provide continuous mailbox protection to customers?

Strengthen Mailbox Security with Security Manager

Security Manager was designed for MSPs to manage their entire customer base in one place. One specific area it provides exceptional visibility and tools is around mailbox security .

In a prior blog, we covered one of the commonly recommended areas of mailbox security mentioned above, managing mailbox access. Read our blog on Multifactor Authentication (MFA).

Here are some of the key features which allow MSPs to efficiently manage M365 mailbox security

  1. Automated Workflows: Security Manager offers default workflows that span multiple customers. No need to log in to multiple M365 tenants. Automate tasks like assessing secure scores, configuring anti-phishing policies, and monitoring key settings.
  2. Centralized Threat Oversight: Aggregating security signals from various M365 environments, Security Manager provides a single dashboard for MSPs. Efficiently address threats across environments.
  3. Customer Review Report: Facilitate meaningful conversations with customers. Grow your security practice by providing actionable insights and recommendations.
  4. Baseline Configuration Made Easy: Quickly demonstrate M365 security baseline configurations. Identify items that haven’t met baseline standards and take corrective actions.
  5. Stay Current with Solution Updates: Instantly access the latest security solutions within Security Manager. No manual updates required.

Anti-Phishing is also a valuable mailbox security area which costs MSPs time and effort to keep up with. Security Manager makes Anti-Phishing easy in 3 steps:

Continual Anti-Phishing in 3 Easy Steps

  1. Choose a Customer – Identify one or more customers who may benefit most from security improvements.
    • Review the Get Microsoft 365 Secure Score Recommendations Report from our last blog. Read More…
    • Recommended: Open the report in Excel to be able to filter, search, and sort 
    • Identify Anti-Phishing recommended actions for a customer using “Description” (Column Q) Review M365 Licensing Pre-Requisites (Column G). For Anti-Phishing recommended actions, this report tells you if the customer has M365 Business Premium, a Microsoft requirement. 
    • Optional: Share the report with the customer to consult on M365 licensing, and to propose the recommended actions be performed
  1. Configure Anti-Phishing – Review and run the workflow Research and Configure Anti-Phishing Policies
    • Open the workflow to review each of the steps within it, and the options therein
  1. Automate & Share – Schedule ongoing automation for above steps to run periodically and deliver the good news
    • Review the reports sent via the workflow to verify when the policies have taken hold. It can take M365 some time to propagate the changes
    • Inform Customer of the Secure Score point improvement metrics, along with how many recommended actions you performed to accomplish this. The reports are available in Excel, HTML, and PDF
    • Schedule the workflow to run periodically to ensure that these policies do not get over-written, and that newly added users are configured with the right settings for Anti-Phishing 

In just a few minutes, you will have used automation to protect your customers from phishing attacks and created reporting to show tremendous value to your customer. You will also have automated the continual running of these configurations moving forward, giving the customer peace of mind and continual protection.

Timeless Mailbox Protection

Anti-Phishing is just one area of Mailbox Security. Explore more workflows and collections of workflows to deliver anti-malware protection, message quarantine, enable safe links, conditional access policies, and much more.

Improving mailbox security with recurring automation allows you to deliver truly continual customer protection to your customers. Whether your customers are officially seeking compliance with one of the major frameworks, or just looking for your guidance on best practices, Security Manager helps MSPs implement, manage, monitor, and report on mailbox security.

Watch 3-Minute How-To Videos

Take a Self-Guided Tour


  1. CRSC / NIST
  2. Microsoft