Microsoft 365 Defender
Information Security is applying advanced Microsoft 365 Defender security features to a subset of staff and faculty at the University. These security features will provide an added layer of protection to Microsoft 365 accounts and will safeguard the community against malicious threats posed by attachments, links and documents.
About DefenderMicrosoft 365 Defender is a cloud-based service that helps protect an organization against unknown malware and viruses. These security features provide an added layer of protection to identified users' Microsoft 365 accounts and safeguard them against malicious threats posed by attachments and links (URLs) in email messages and links in documents.
As part of the first phase of this project, the following Microsoft 365 Defender security features are currently in use at the University:
- Safe Links (Email): Safe Links checks every URL found in your incoming email and verifies that the website link is safe to view. If the link you click is determined to be safe to view, the link will work as expected. If the link is determined to contain malicious content, a warning will be displayed, and you will not be able to use the link.
- Safe Links (Documents): Safe Links checks every URL found in supported M365 applications such as Word, Excel and PowerPoint documents. If the link you click is determined to be safe to view, the link will work as expected. If the link is determined to contain malicious content, a warning will be displayed.
- Safe Attachments: Safe Attachments protects you from malicious attachments like Excel, Word or PDFs that contain malicious code or actions by automatically scanning incoming email attachments. If the attachment is found to be safe, it will be delivered to your inbox. If the attachment is found to be unsafe, you will receive the email but not the attachment. The attachment will be replaced with a text file called “Malware Alert Text.txt” that contains a warning. This process is automated: the files are never seen by humans, and the safe attachments are not retained.
As part of the second phase of this project, the following Microsoft 365 Defender security features will be implemented for select users:
- ATP for SharePoint, OneDrive and Microsoft Teams: ATP for SharePoint, OneDrive and Teams protects you by automatically detecting and blocking malicious files in document libraries and teams sites in SharePoint, OneDrive and Teams. When it detects a malicious file in a document library that you have access to it will not allow you to access that file.
- ATP for Safe Documents: ATP for safe documents uses Microsoft threat detection software to scan documents and files that are opened in Outlook. When you open an email attachment such as a Word file, the file will launch in Protected View by default. Safe Documents takes away the guesswork by automatically verifying the document against the latest known risks and threat profiles before allowing users to leave the Protected View container.
- Safe Links for Teams: Safe Links for Teams checks every URL found in your Teams conversations, group chats, channels and pinned tabs and verifies that the website links are safe to view. If the link you click is determined to be safe to view, the link will work as expected. If the link is determined to contain malicious content, a warning will be displayed, and you will not be able to use the link.
- Enhanced anti-phishing policies
- Gerald Lindo, Project Manager, EASI
- Haniyeh Yousefpour, Project Manager, Information Security
- Isaac Straley, Chief Information Security Officer, Office of the CIO
- Kathleen McLeod, Services Engagement Coordinator, EASI
- Mike Wiseman, Associate Director, Strategic Security Initiatives, Information Security
- Sue McGlashan, Manager, Information Risk Management, Information Security
- Tanya Shattuck, Office 365 Administration & Security Manager, EASI
- Vicki Vokas, Manager, Enterprise Digital Workplace, EASI