What is Microsoft Office 365 Advanced Threat Protection, and Why Should You Have It?
Bad actors like phishers, scammers, malware authors, and ransomware authors employ a number of tactics to try and coax you and your team to launch malicious content in your organization’s protected files. It used to be enough to have a good, current antivirus package to scan files, but it’s become increasingly easy for malware authors to make one or two key changes and make their software appear different enough to get through traditional scanners. In addition, most malicious emails today have moved away from attachments to using malicious links, waiting for you to click the link and take you to the actual damaging file or website. The most sophisticated attacks now send a link that works at the time the email is originally delivered to you, which gets the email through many anti-malware detection products, but then the attacker changes the link’s destination a day or two later after it has supposedly been scanned and cleared. Now that bad link is right there waiting to be clicked to direct you or your team to a malicious file, interruption to your business, and financial or reputation damage.
Microsoft has developed Advanced Threat Protection (ATP) for Microsoft Office 365 which adds another layer of protection against these increasingly more-sophisticated email and file attacks. It’s part of our recommended best practices for email security for your environment.
Microsoft O365 ATP adds two key security protections to your organization:
- Microsoft SafeLinks, which updates links in emails you receive to check the security of the link at the time you or your team click the link, each time the link is clicked.
- Email attachment, SharePoint, and OneDrive file scanning, using behavior-based heuristic analysis to identify new threats. Most anti-malware solutions look for known threats and malicious files. Microsoft’s ATP for Office 365 simulates opening suspect files safely in Microsoft’s secure data center evaluation environments and acts based on what that suspect file actually does once it thinks it’s been opened.
There’s no additional software to install or maintain on your office computers. Microsoft O365 ATP operates behind the scenes, on Microsoft’s servers, in Microsoft’s cloud environment, protecting your email, SharePoint Online files, and OneDrive files.