Microsoft has updated the security features of Microsoft Defender for Office 365 and is launching Defender’s built-in protection for Office 365. This is a security feature for Office that can automatically enable recommended settings and policies to ensure that all new and existing users get at least basic protection.
Microsoft Defender for Office 365 provides automated attack remediation for Office 365 corporate email accounts and protects them from various threats, including corporate email leaks and credential phishing. Some security controls are inadvertently ignored, causing some or all users to be unable to get complete protection, said Sundeep Saini, Office 365 senior project manager. Not turning on these key protection features may cause users to unintentionally receive phishing emails, etc.
We are introducing built-in protection for Microsoft Defender for Office 365 to automatically elevate all users in the organization to a basic level of security protection, Microsoft explained on the Microsoft 365 roadmap. When this feature is enabled, it will use secure attachments and secure links to protect all existing and new end users in the tenant from phishing emails with malicious attachments and links, without the administrator taking any action.
Join RealMi Central on Telegram, Facebook & Twitter
Roll Out To Subscribers Worldwide
This new default security feature is designed to bridge the gap in corporate protection coverage and improve the overall security status of the organization by reducing the risk of non-compliance. After the launch, the built-in protection will also automatically protect the use of new domains added to the tenant, which contains basic levels of security links and security attachments, thereby reducing the time required to protect newly registered users.
We will also publish the option to configure exceptions in the Microsoft 365 Defender portal before enabling the built-in protection policies, Saini added. Although we do not recommend it, we recognize that certain organizations need to exclude certain users or groups from the built-in protection, and administrators will have the opportunity to configure these exceptions.
It is reported that this new default security function is scheduled to be launched this month, and will continue to provide standard configurations for global users before the end of the year, and will be fully available in December.