Tagged: Security
Safe attachments and links to protect your Office 365 collaboration
In this post I describe how you can configure safe attachments and safe links in Microsoft Office 365 Advanced Threat Protection (ATP) to make your communication and collaboration a more secure. It is for your Office 365 workloads (SharePoint Online, OneDrive for Business, Exchange Online and Microsoft Teams).
Please note, that is is just one of many measures to secure your communication and collaboration in Microsoft Office 365. This is only a single part – well, two capabilities – of a more holistic and required security architecture concept. Moreover, the below description, configuration etc. might change anytime and is just an example, demo piece.
Basics
Let me describe it as follows short and simplified:
What are Safe Links?
Safe Links are (hyper)links/urls which are pre-checked (in a sandbox) before a user opens the link. This “pre-check” is built to check if the website behind the link is ok or might be bad, start to download malware or something else which might harm your system/s.
What are Safe Attachments?
Safe Attachment[s] is a feature which checks attachments and tries to detect if it is malicious.
Requirements
You need a subscription which includes Microsoft [Office] 365 Advanced Threat Protection (ATP).
To configure this your administrative Office 365 account must have the global admin, security admin or Exchange Online Organization Management role assigned.
Configuration overview and walk-through
For both, you can start at https://security.microsoft.com/securitypolicies in the Microsoft 365 Security portal.
The following screenshots depict what I configured, so you can of course configure it another way depending on your needs and requirements.
1 Open https://security.microsoft.com/securitypolicies
2 Policies
3 + 4 Configure each (ATP safe attachments + ATP safe links)
ATP Safe Attachments
1 Enable ATP for SharePoint, OneDrive and Teams
2 Save it, to enable it
3 Protect attachments – create a new safe attachments policy
1 + 2 Give it a name + description
3 Configure handling
4 + 5 Enable redirect of potentially maliciouse attachements to another mail [don’t use a usual mailbox, create a “dumpster mailbox” just for that purpose]
6 Configure condition/s / exception/s
7 Save it
Validate input and check if the policy is enabled and the priority fits in case you create several policies.
ATP Safe Links
1 Configure the default Safe Links organization policy
2 Create Safe Link policies for specific recipients
1 Enable it for all Office 365 Apps, … iOS and Android
2 Configure “reporting” + handling
1 + 2 Give it a name + description
3 Turn it on
4 Enable real-time scanning for URLs including content for download
5 Enable it internally, too
6 Configure “reporting”
7 Enable – disables users to click the original URL from the warning page if it is blocked
1 Configure condition/s / exception/s
Validate input and check if the policy is enabled and the priority fits in case you create several policies.
Finally, test and verify your configuration. Regularly take a look into your security reports to enhance your configurations. Plus, don’t forget from time to time to check out what has changed to keep your security configurations always at a current level.
Conclusion, opinion and summary
Safe Links and Safe Attachments are very helpful features in Microsoft Office 365 to make your communication and collaboration more secure regarding sending/receiving links and attachments. These two features are options to increase your security setup with Office 365. I think it might be a good idea to enable it if you do not yet have something like this in place already.
Although it makes links and attachments safe[r] there are more and more advanced/intelligent threats and approaches available to trick and compromise users and systems. So, admin and user security awareness is also essential although you can get rid of many threats with a holistic security architecture and technical solution or service implementations.
Additional resources
How to secure Microsoft Teams? Some thoughts.
In this post I give you an architectural overview on thoughts, ideas and options to a more secure communication and collaboration experience with Microsoft Teams.
It’s inevitable to provide a secure, modern and usable (!) solution for your users, your company and keep identities and [information] assets secure. I want to emphasize usable because you can surely set up a highly secure service, however, if you do so, nobody might be able to use it because you locked it too restrictively. So, this will probably cause other headaches, first of all users need to get work done and might workaround that highly secured service [just using anything else which they find online]. No adoption. Hence, the added value of the communication and collaboration solution and the ROI will never be achieved. That’s why you need to figure out a suited balance between security and collaboration.
Microsoft Teams as part of the Microsoft 365 cloud services can leverage these comprehensive security features to enable a secured communication and collaboration. Besides the fact that Microsoft encrypts data in transit as well as at rest.
The following slides contain what you could do to secure your Microsoft Teams communication and collaboration experience by not giving up usability and a modern teamwork experience.
Beyond these basic security considerations in the slides you could, of course , also make further and more granular optimizations, for example …
- in the Microsoft Office 365 Admin Center
- in the Microsoft Teams Admin Center
- in the Microsoft SharePoint Online Admin Center
- in the Microsoft One Drive for Business Admin Center
- in the Microsoft Exchange Online Admin Center
- as well as in other Microsoft Admin Centers
as needed.
Conclusion, opinion and summary
Microsoft 365 enables you to secure Microsoft Teams and Office 365 with the eligible licenses. There are many aspects around securing your modern teamwork experience. It starts with general identity and information protection and goes ahead with fine tuning Microsoft Office 365, Teams, SharePoint Online, Exchange Online, Yammer etc. There are some bigger and some smaller switches to be aware of and to configure modern teamwork secure. E.g. guest access, external access (federation), message policies, meeting/conferencing policies, app setup policies, app permission policies and many more. At least but not at last you also should think about monitoring and auditing so that you’ll be able to trace things in case it is required.
Additional resources
- Microsoft Teams Essentials for IT | Security and Compliance
- Overview of security and compliance in Microsoft Teams
- Microsoft Teams Security and Compliance
- Detect workplace harassment and respond – Communication Compliance in Microsoft 365
- Location of data in Microsoft Teams
- Introducing Conditional Access for the Office 365 suite!
- Microsoft Data Loss Prevention (DLP)
- Microsoft Cloud App Security
- Auditor Reports (Service Trust Portal)
- Microsoft Cloud Architecture Security Download
- Microsoft Cybersecurity Reference Architecture
