For most organizations, protection of company data ranks high on the list of absolute necessities. Many third-party companies over the years have provided solutions to help fill the gap regarding security. But when your data takes so many different forms across different platforms, it becomes a daunting task to manage it all. Luckily Microsoft began providing a solution with Office 365 ATP Features that help cover the gamut of cloud platforms they have available.

Office 365 Advanced Threat Protection (ATP) provides industry-leading protection by leveraging trillions of signals from the Microsoft Intelligent Security Graph and analyzing billions of emails daily. This feature also provides actionable insights that help identify, prioritize, and provide recommendations for addressing potential threats such as phishing and malware and proactively securing your organization from attacks. You also received advanced automated response options, including tools such as security playbooks and investigation graphs that help investigate and remediate attacks faster and save time, budget and resources while at the same time training users to recognize and report attacks. The ability to build and schedule attack simulations helps teach users how to spot suspicious content and not click on unknown links.

Setting up an Office 365 Advanced Threat Protection policy helps define your organization’s behaviour and protection level for predefined threats. These options are all extremely flexible allowing fine-tuned threat protection at either the user, organization, recipient and the domain level.

To set up Office 365 Advanced Threat Protection, you will first need to purchase a subscription that includes ATP. The most common subscriptions that include this are Microsoft 365 E5, Microsoft 365 Business, Office 365 E5, etc. If your organization does not have one of these subscriptions, there is an option to purchase Advanced Threat Protection as an add-on. Once purchased and the license(s) is assigned to the appropriate user-base, you can begin to define ATP policies.

To view Office 365 subscriptions that include ATP, visit our plan comparison page

Office 365 Safe Attachments

The ATP Safe Attachments feature checks all email attachments and scans to confirm if they are safe or malicious. If found to be malicious, the policy is set to take appropriate actions for data protection in your organization. These ATP Safe Attachments policies are setup by your Office 365 Global Administrator or Security Administrators. Safe Attachments aren’t also just for Exchange. Protection can be extended to SharePoint Online, OneDrive for Business and Microsoft Teams.

Office 365 ATP Safe Links

Office 365 ATP Features Safe Links helps protect your organization by providing verification of URLs in emails and Office documents. This protection is defined through an ATP Safe Links policy. The Global Administrator of your tenant can define the Safe Links policy to make a malicious link either unclickable, strip the URL from the email or document or quarantine the email if detected.

Office 365 ATP for SharePoint, OneDrive and Microsoft Teams

With most organizations, people regularly share files and collaborate using SharePoint, OneDrive and Microsoft Teams. With Office 365 ATP Features, this allows users to collaborate safely. ATP can detect and block files that are identified as malicious in either team sites or document libraries. How this works is when a file located in SharePoint Online, OneDrive or Microsoft teams have been flagged as malicious, ATP integrates with the file stores to lock the file. Below is an example of how this would look in your environment.

So even though the file is still listed within the document library, it cannot be opened, copied, moved or even shared. This file though can be deleted at any time. ATP does not scan every file within SharePoint Online, OneDrive or Microsoft Teams. This is by Microsoft’s design. The files are all scanned asynchronously, through a process that uses sharing and guest activity to identify malicious files.

Office 365 ATP Anti-Phishing

Office 365 ATP anti-phishing uses machine learning model as well as impersonation detection algorithms against incoming messages to provide data protection for organization against phishing attacks. Each message undergoes this machine learning model which are training to detect phishing messages and protects against various user and domain impersonation attacks. These policies, just like the others are setup by your Office 365 Global Administrator. ATP also includes Mailbox Intelligence which is an advanced understanding of each user’s email habits and personal contacts. ATP can learn how each individual communicates with users both internal and external your organization. This helps ATP determine if a message is being impersonated.

Contact MessageOps if you have any questions: 877-788-1617 or email [email protected].