Secure U of T Advanced Threat Protections

About Advanced Threat Protections

Secure U of T's advanced threat protection initiative uses Microsoft 365 Defender, a cloud-based service, to help protect the University against unknown malware and viruses. These security features provide an added layer of protection to identified users' Microsoft 365 accounts and safeguard them against malicious threats posed by attachments and links (URLs) in email messages and links in documents.

 

 

Additional Resources

Phase One

As part of the first phase of this project, the following Secure U of T security features are currently in use at the University:

  • Safe Links (Email): Safe Links checks every URL found in your incoming email and verifies that the website link is safe to view. If the link you click is determined to be safe to view, the link will work as expected. If the link is determined to contain malicious content, a warning will be displayed, and you will not be able to use the link. 
  • Safe Links (Documents): Safe Links checks every URL found in supported M365 applications such as Word, Excel and PowerPoint documents. If the link you click is determined to be safe to view, the link will work as expected. If the link is determined to contain malicious content, a warning will be displayed. 
  • Safe Attachments: Safe Attachments protects you from malicious attachments like Excel, Word or PDFs that contain malicious code or actions by automatically scanning incoming email attachments. If the attachment is found to be safe, it will be delivered to your inbox. If the attachment is found to be unsafe, you will receive the email but not the attachment. The attachment will be replaced with a text file called “Malware Alert Text.txt” that contains a warning. This process is automated: the files are never seen by humans, and the safe attachments are not retained.

Phase Two

As part of the second phase of this project, the following Secure U of T security features will be implemented for select users:

  • Safe Documents: Safe Documents uses Microsoft threat detection software to determine if Office documents are malicious files, opening them by default in protected view. Safe Documents will then automatically verify the documents against the latest known risks and threat profiles before allowing users to leave the protected container.
  • Enhanced anti-phishing policies: Advanced anti-phishing policies add an additional layer of security to your University of Toronto email account. These policies use machine learning models to identify and protect you from phishing attempts by notifying you when an email you receive seems suspicious. The implementation of these features will be in three phases: tuning, notification and action. Learn more in the Enterprise Service Centre.

Project Team

  • Gerald Lindo, Project Manager, EASI
  • Haniyeh Yousefpour, Project Manager, Information Security
  • Isaac Straley, Chief Information Security Officer, Office of the CIO
  • Kathleen McLeod, Services Engagement Coordinator, EASI
  • Mike Wiseman, Associate Director, Strategic Security Initiatives, Information Security
  • Sue McGlashan, Manager, Information Risk Management, Information Security
  • Tanya Shattuck, Office 365 Administration & Security Manager, EASI
  • Vicki Vokas, Manager, Enterprise Digital Workplace, EASI