This post was originally written by Rudra Mitra, director for Office 365 Information Protection Engineering
The built-in suite of powerful threat protection services for Office 365—
The foundational elements of Office 365 threat protection include:
Overview of enhanced capabilities for Office 365 threat protection.
Here’s a summary of the enhancements we made to these elements:
Phishing has many forms ranging from “royalty” offering rewards to more sophisticated and targeted campaigns. Cybercriminals continue to find other attack methods, manifesting in a rise of phishing campaigns across the industry landscape, including in Office 365. We have a >99.9 percent malware catch rate, and to better protect customers against phishing, we made following enhancements in Office 365:
The new anti-phishing technology made available to our customers is leveraged by Microsoft Core Services Engineering and Operations (CSEO). As one of the world’s largest enterprises, Microsoft faces concerns and security requirements similar to our customers. With the enhanced protection capabilities, our customers should have even greater confidence with Office 365 threat protection.
Different types of phishing attacks seen in the threat landscape.
For users to be educated on flagging suspicious links coming through email, they must have visibility to the destination URLs point. Now, Office 365 offers the Native Link Rendering feature that enables Office 365 ATP customers to view the destination of URLs and make more informed decisions when clicking links. This feature is currently available for the Outlook Web App and coming to the Outlook client later this year.
In addition, admins who enable the Report Message button in their Outlook client can empower users with the ability to report a suspicious email as potential phishing, sending the email directly to Microsoft for further analysis.
Example of the Native Link Rendering and Report Message features in Outlook Web App.
The enhanced Phish view in the Security & Compliance Center dashboard offers admins new reporting capabilities that provide broader visibility, control, and finer detail on the threats impacting their organization. The Phish view offers ATP admins with enriched phishing, malware, and user submission (the emails reported by users) details. In the coming months, we will add more details to the Phish view, exposing the category of phishing email that is blocked. Additionally, enhancements are also launching for new reporting views for EOP customers.
Enhanced Phish view in the enriched admin capabilities for Office 365 ATP.
Since we first announced Office 365 Threat Intelligence, we added powerful threat remediation features in the service. Admins can proactively search for suspicious emails and delete them before any adverse impact to the organization. Additionally, threat trackers are available enabling admins to perform investigations on potential threats to the tenant.
Remediation actions available for proactive deletion of suspicious emails.
Threat Intelligence also features the Attack Simulator to help raise awareness and provide an education for modern threats. Using the Attack Simulator, admins can launch realistic threats at specific users. This allows them to update policies and protection based on actionable insights from the simulations. Our recent webcast provides a detailed update on the impressive set of capabilities offered in Office 365 Threat Intelligence.
Attack simulator dashboard.
Security for the modern workplace is fundamental to our customers’ digital transformation journey. Start an Office 365 E5 trial to experience holistic protection of the modern workplace.