Office 365 has a wide variety of built in security features, however, most businesses don’t utilise them correctly and therefore open themselves up to malicious attacks.
Two ways cybercriminals gain access to your Office 365 accounts is through brute force or your password which they acquire by performing social engineering tactics.
Another way they can gain access is through stolen devices. If you use Onedrive and your device is stolen, it can be used to access confidential company information if there are no security measures in place.
Employees can unknowingly be leaking information because the basic precautions are not in place and this leaves their machine and company data vulnerable.
Office has features that can assist in fending off these sorts of attacks and malicious activity but to ensure full email security, we still recommend that you include a solution like Mimecast to provide an enterprise grade layer of security on top of your Office 365 deployment and protect you from email-borne attacks.
Read more: How Secure is your Office 365?