5 Ways to Boost IT Security with Office 365 Advanced Threat Protection

We’ve said it plenty of times before, and saying it again does little harm: cyber attacks on your business are not a matter of if, but when. And trust us – repeatedly bashing you over the head with this clichéd phrase is a lot less painful than becoming a victim of cyber crime.

Attackers are getting more sophisticated with their methods. New cyber threats are emerging from every corner. But the fightback is just as relentless, especially from technology giants like Microsoft. And they have a tool that can help you to protect your business: Office 365 Advanced Threat Protection (ATP).

In this blog post, we’re going to show you five features of ATP that you can use to improve IT security in your organisation. These are:

  1. Safe Attachments
  2. Safe Links
  3. ATP for OneDrive, SharePoint and Teams
  4. Spoof Intelligence
  5. Anti-Phishing Capabilities

But before we go into these points, we’ll discuss what ATP is and which Office 365 licenses it is available on.

What is Office 365 Advanced Threat Protection?

Microsoft Office 365 ATP is a cloud-based filtering service. It helps to protect your emails, files and Office 365 applications – such as Word, Excel, PowerPoint and many others – from unknown malware and viruses. It scans your emails and files in real-time for malicious links and documents.

ATP is included as part of all Office 365 Enterprise E5, Office 365 Education A5, and Microsoft 365 Business licenses as standard. Additionally, it can later be added to all of the following licence types:

  • Exchange Online Plan 1
  • Exchange Online Plan 2
  • Exchange Online Kiosk
  • Exchange Online Protection
  • Office 365 Business Essentials
  • Office 365 Business Premium
  • Office 365 Enterprise E1
  • Office 365 Enterprise E3
  • Office 365 Enterprise F1
  • Office 365 A1
  • Office 365 A3

Other great extras of ATP include rich reporting and URL tracing abilities. These can give administrators in your company valuable insights into the types of malicious activity being directed at your business.

What all of these innovative features add up to is a respectable complement to the Microsoft Exchange Online Protection tool. Your organisation gets increased zero-day protection and is safer from harmful files as a result.

5 Ways to Boost IT Security with Office 365 Advanced Threat Protection

Now that you’ve got a good understanding of what ATP is, it is time to find out the five ways it can help boost your company’s IT security.

1. Safe Attachments

ATP’s Safe Attachments feature reviews any email attachments that enter your inbox, and ensures they are not malicious or harmful. With ATP turned on in your business network, whenever somebody within your Office 365 environment receives an email, Safe Attachments automatically opens the file before the user has a chance to see it. It then tests this within a virtual environment that is secluded from your real-time one.

If the attachment is dangerous, it is taken out of your system. If it is not, then the user will be able to open it as they normally would. Safe Attachments can be applied to individual users or your entire company.

2. Safe Links

ATP’s Safe Links feature offers real-time verification for links in emails and Microsoft Office documents, at the time of the click. When a user receives an email with a link – or an attachment with a link – and they click on it, Safe Links will run a flash report before opening the URL.

Safe Links then identifies the link in one of three ways: blocked, malicious, or safe. If the URL has been marked as blocked or malicious, the user will get a warning notice instead of being able to open the link. If it is safe, they will be able to click-through to it as normal. The same process happens with Office documents.

3. ATP for OneDrive, SharePoint and Teams

ATP is not just for your emails and documents; it can be used to detect and block harmful content in your document libraries and team sites too. Once a file has been identified as malicious in any of these locations, ATP locks the file and prevents it from being accessed by anyone.

Although you will still be able to see the file in your library or site, nobody will be able to move, open, copy or share it. They can delete it, however. It will also be added to a quarantined list, where members of your security team can download, report or remove it from your network.

By design, ATP does not scan every file in SharePoint, OneDrive and Teams. Files are not scanned synchronously either. Scanning uses guest activity events and threat signals to determine what is dangerous content.

4. Spoof Intelligence

Email spoofing has become a common way for cyber criminals to infiltrate your network unnoticed and steal your company’s valuable assets or money. As the term ‘unnoticed’ suggest, it can sometimes be easy to miss the signs of a spoofing attack. Fortunately, ATP’s Spoof Intelligence tool can help you and your users out.

This built-in spoof protection helps to make sure your company is protected from emails with malicious intent. Using the Security & Compliance Centre on your Office 365 Admin portal, you can set up spoof filters that can detect the difference between legitimate and illegitimate activity. You can also review senders who you suspect are targeting your business with harmful content, and then block them if you need to.

Read more: how to stop an email spoofing attack with non-technical solutions

5. Anti-Phishing Capabilities

With machine learning models and impersonation detecting algorithms, ATP’s anti-phishing capabilities can help keep your business safe from potential spear-phishing attacks. Using this set of features, you can set up ATP to review and alert you of an incoming phishing attempt in your messages.

Once there is an ATP policy in your organisation, any user in your organisation who is covered by it will have this anti-phishing protection enabled. When the suspicious email enters their inbox, machine learning models evaluate the message to determine if it is malicious or not. If it is, ATP wil act based on what has been configured by you. Anti-phishing policies can be configured for a group of people within your network, a single domain or all the domains under your control.

Read more: social engineering red flags to watch out for in any email

Protect Your Business From Threats Today

So, to get:

  • Real-time protection from harmful attachments
  • Up-to-the-minute warnings about dangerous links
  • The ability to isolate malicious content in your libraries and sites
  • An effective barrier against email spoofing attacks
  • Powerful phishing detection tools

Consider utilising or adding Advanced Threat Protection to your company’s IT security procedure.

If you’re not sure where to begin with this innovative tool, or want to discuss your security policies and procedures, feel free to get in touch with us.