What is Office 365 Advanced Threat Protection?

Microsoft ATP is a cloud-based email filtering service that can help protect your organization from unknown malware and viruses, Office 365 ATP can provide your organization with better zero-day protection, keeping you safe from such things as unsafe attachments and malicious links. It can be fully integrated too in your Office 365 suite, hence the “Office 365” aspect of it.

5 Hot Features of Office 365 Advanced Threat Protection

Email is one of the most pervasive and powerful forms of communication in today’s working environment – we rely heavily on emails to do business and to communicate with colleagues, collaborators, and customers. However, email is also the most prolific attack vector that threat actors are actively using to target and compromise your users in an effort to breach your organization’s security environment!

Below, we’ve outlined the five key features of Office 365 ATP that helps to keep your organization more secure and helps to ensure that your emails aren’t being used against you.

Office 365 Advanced Threat Protection: Safe Attachments

The Office 365 Advanced Threat Protection Safe Attachments feature checks any email attachments that come into your inbox to make sure it’s not malicious. If you have Office 365 Advanced Threat Protection activated within your Office 365 environment, every time someone checks an email with an attachment included, Safe Attachments automatically opens the file and tests it within a virtual environment that doesn’t affect your real-time environment. If the file is to be found safe, it’ll open as expected. But, if the file is found to be malicious in nature, it is removed automatically.

You can apply Safe Attachment policies to a specific person on your team, or your organization as a whole.

Office 365 Advanced Threat Protection: Safe Links

In this day and age, everyone should know the dangers of clicking on links that have been sent to you from someone you don’t know. After all, it’s pretty widely known that, if you don’t trust the sender, don’t click on the link, right? But, sometimes mistakes happen, and without meaning to, you click on a link anyway. Or, there could be times when the sender you trust has, themselves, been hacked. When these scenarios happen, you need to know that you’re safe.

Enter Office 365 Advanced Threat Protection Safe Links, which provides time-of-click verification of website addresses in both email messages and Office documents. When an email is received that contains a URL and you click on that link, ATP Safe Links will automatically check the URL before opening it. That URL will either be identified as blocked, malicious, or safe. If the URL is safe, it’ll open as usual without any further steps required. If the URL has been blocked or is identified as malicious, it’ll open a warning page instead of exposing your user to the potentially harmful link. A similar process also takes place when a link is clicked within an Office document.

Office 365 Advanced Threat Protection: Spoof Intelligence

There are legitimate times when spoofing is necessary. For instance, if you have third-party vendors who are sending bulk mail on your behalf, you’ve hired an assistant who needs to send emails from another person within your organization, or you’ve hired an external company to do lead generation, product updates, or send sales emails that look like they’re coming from you.

For these reasons, it’s important not to outright block all spoofing from your organization. But how do you make sure that these emails who are supposedly coming from your organization are, in fact, legitimately from your organization? More importantly, since spoofing is also a common way for phishers to determine user credentials, how do you make sure that those who are spoofing your domain for malicious purposes are stopped?

That’s where Spoof Intelligence comes in. Office 365 Advanced Threat Protection has built-in spoof protection that helps make sure the legitimate emails are sent while shielding your organization from any malicious intent. In the Security & Compliance Centre on your Office 365 Admin portal, you can set up spoof filters that can determine the difference between legitimate activity and malicious activity. Also, you can review senders that are spoofing your domain and either block those senders from doing so or allow them to continue with just a few clicks of your mouse.

Office ATP Anti-Phishing Capabilities in Office 365

Machine learning models and impersonation detection algorithms are two of the ways that Office 365 Advanced Threat Protection Anti-Phishing helps to keep your organization protected from potential phishing attacks. Using the Anti-Phishing capabilities, your security team can set up Office 365 ATP’s Anti-Phishing to check all of your incoming messages for any indication that it could be a phishing attempt.

How do you ask? Once your security team implements an ATP policy in your organization, anyone who’s covered by it will automatically have this feature enabled. When the email comes into your inbox, the message is evaluated by machine learning models that decide if it is a malicious email. If so, ATP will enact an action, based on however your security team has configured your ATP policy.

These Anti-Phishing policies can be set for a specific group of people in your organization, or to an entire domain, or to every domain you own.