What Is Microsoft Defender for Office 365?

What Is Microsoft Defender for Office 365?

One of the benefits of using Microsoft 365 is that it offers a lot of different security protections, which are vital in today’s online threat environment.

The disruption caused due to the global pandemic led to a significant rise in online threats and cybercrime around the world as well as in Australia. There was a 51% increase in spyware globally in 2020 as well as a 20% increase in global ransomware, and a 10% increase in Australia.

While your standard Microsoft 365 business accounts include several security features, Microsoft offers extended protection from phishing attacks, malware, and other malicious threats through Microsoft Defender for Office 365. This is available in Microsoft 365 Business Premium as well as Enterprise accounts.

We’ll go through the features of the tool below and how it can help keep your Sydney area business more secure.

Features of Microsoft Defender for Office 365

Microsoft Defender for Office 365 offers more security capabilities and features to protect your business against a variety of online threats.

Some of the tools include:

  • Real-time reporting on threats and response performance
  • Ability to define threat-protection policies at the levels needed for your company
  • Ability to investigate, understand, simulate, and prevent threats
  • Time-saving automated investigation and response

Here are some of the features you’ll find in this security application.

Safe Links

Safe links is specifically designed to combat today’s phishing attacks. While some phishing does still use file attachments, a majority of it now uses links instead to try to get past anti-malware programs.

51% of phishing attacks contain malicious links rather than file attachments.

What Safe Links does is scan messages for hyperlinks and matches those against a database of malicious sites. If it identifies anything malicious it can rewrite the message to strip the link, protecting the user from a potential cybersecurity issue.

Safe Links can be activated through policies to protect:

  • Email messages
  • Messages shared in Microsoft Teams
  • Messages shared in other Microsoft 365 apps

Safe Attachments

Safe Attachments is a feature that gives additional protection over a standard anti-malware scanning. Online threats have become increasingly sophisticated, meaning that some dangerous file attachments might make it past a first line of security.

This feature uses a virtual environment to check attachments in email messages for anything malicious before the message is delivered to the user.

Advanced Threat Protection (ATP) for SharePoint, OneDrive, and Teams

What happens if a malicious file makes it into your system in another way, not through email or a new message? ATP is designed to protect against these and keep any areas where you store cloud files secure.

ATP for SharePoint, OneDrive, and Teams will look at files that already exist in your account. If it detects anything malicious, it can block access to the file to prevent device infection.

When a dangerous file is blocked, it can be deleted by users, but cannot be opened, copied, moved, or shared.

Anti-Phishing Policies

Phishing is the #1 delivery method for ransomware, viruses, and other types of malware. Microsoft Defender for Office 365 gives you additional strong policy protections against phishing to keep your team secure.

One of these is a protection against spoofed emails. This is where the attacker uses your own domain or that of a company you may recognise in the “From” line of the email to trick the user into trusting it.

The anti-phishing policies in the application prevent this type of email impersonation by allowing you to block designated internal and external addresses from being spoofed as message senders.

You can also set specific advanced phishing thresholds for protecting your organisation from phishing attacks. These include:

  • Standard
  • Aggressive
  • More aggressive
  • Most aggressive

Explorer & Real-Time Detections

You gain advanced visibility into what’s happening with your account through use of Explorer and Real-time detections in Microsoft Defender for Office 365.

This includes the ability to see detailed reporting on any suspicious emails and the originating IP address, and proactive threat hunting capabilities that head potential threats off before they can become a problem.

Advanced Automation, Investigation, Remediation, and Education

There are two levels of Microsoft Defender for Office 365. There is a Plan 1 and a Plan 2. Plan 1 is included in Microsoft 365 Business Premium. Plan 2 is included in Office 365 E5, Office 365 A5, Microsoft 365 E5 Security, and Microsoft 365 E5.

Some of the advanced features you get in Plan 2 include:

  • Attack simulation capabilities
  • Automated investigation and response
  • Threat trackers
  • Threat explorer
  • Campaign views (insights into a specific attack)

Learn How You Can Use Microsoft Defender for Office 365 to Protect Your Business

GKM2 can walk you through all the features of Microsoft Defender for Office 365 and help you set up and administer your account for advanced security.

Contact us today for a free consultation. Call +61 2 9161 7171 or reach out online.