What is Advanced Threat Protection for Office 365?

Reading Time: 6 minutes

Last Updated on 9th October 2020 by Toby Bell

Cyber security is at the forefront of many finance or IT professionals’ minds these days. It appears that nearly every day there is another corporation that has been hacked or experienced a cyber security threat of some kind. Protecting an organisation against cybercrime is no longer a job for the IT department. Every individual in a company needs to be aware of the risks of how they interact with the technology they are using and be on their guard against malicious emails that they might receive. Sometimes, it can be very difficult to tell if an email is genuine or not and it can seem completely inconspicuous.

If you are using Office 365 there will already be stringent security measures in place to ensure that your data is protected, however, you do have the ability to increase your security of Office 365 by implementing Advanced Threat Protection. The add-on allows IT to no longer worry about staff clicking on malicious links or attachments without thinking about whether it is genuine or not. While end user education is still key to fighting cybercrime, this technology reduces some of the risks of things like phishing emails. In this blog, we wanted to give an overview of the add-on for Office 365 and how it works.

Our inboxes are often the battleground for the war cybercrime is waging against businesses. We are plagued with phishing emails masking malicious links and attempts to gain sensitive information or money.

We need to constantly be thinking about the emails that we receive and the attachments and links that we open. Sometimes, no matter the amount of training that we have received, it can become difficult to always remember to be looking for danger in our emails. It’s very easy to be up against a deadline, rushed off our feet or just stressed out and then click on something that we weren’t supposed to.

Any tool that can help remove the risks that are posed to our staff and our businesses by email should be looked at with interest. Things like Anti-Spam, which is part of our 7 Steps to Cyber Security, have been around for awhile. Anti-Spam will filter out unsolicited email the best that it can yet there’s always going to be things that slip through the net.

It’s also important to think about the fact that sometimes emails are not intended to be malicious at all. A colleague or contact might send us an email with an attachment and not realise that it contains a virus.

Advanced Threat Protection is a new tool that has been made available to add-on to your Office 365 package. It scans the links and attachments that arrive in our inboxes to ensure that they are not malicious. In this blog we are going to look at how Advanced Threat Protection works and how it can benefit your business.

What is Advanced Threat Protection?

Advanced Threat Protection enables an organisation to be able to protect its users and their inboxes against attacks in real time. There are new types of malware being developed every day and it is difficult to be able to protect against something brand new. With Advanced Threat Protection, malicious links and attachments are scanned to ensure zero-day protection. Zero-day is the IT industry term for cyber threats that are new and there are no patches or measures developed yet to defend against them.

Advanced Threat Protection is one of the latest security tools that Microsoft has made available to add-on to Office 365. The concept of the tool is that it provides an added layer of security to your inbox to mitigate against the accidental clicks that can sometimes occur.

New security risks are appearing every single day and Advanced Threat Protection scans the emails you receive in real-time to ensure that you are not making yourself open to them.

One part of the tool is called Safe Attachments and this is focused on ensuring the attachments that you receive do not contain malware or other risks. All suspicious content is scanned using malware behavioural analysis technology (it scans it to see if it appears malicious) to identify if there is any suspicious activity. Any attachments that are deemed unsafe are sandboxed (isolated from the environment). The recipient will then not be able to open the attachment.

The other part of the tool is called Safe Links. Safe Links protects your environment if you click on a malicious link. As content is scanned, the URLs of links are rewritten so that they go through Office 365. The URLs are checked in real-time as the user clicks on them, if the link is malicious then the site will be blocked and the user will not be able to access it.

Another handy aspect of Advanced Threat Protection is the reporting that is on offer. You are able to see who in your organisation is being targeted with cyber-attacks and the scale of the attacks that you are facing.

How Advanced Threat Protection Works

We’ve explained what goes on in the background with Advanced Threat Protection. What the user or recipient of the email actually sees is not particularly intrusive unless there’s a problem.

When you receive an email with a link or attachment, you have to a wait a couple of seconds for the contents to be scanned. It’s only a few seconds, which can be frustrating if you want to open something straight away. Most people expect everything instantly these days. The way you have to see it is those handful of seconds could be the difference between a day of downtime and you getting everything done today.

If there is nothing wrong with the link or attachment, then the user is able to carry on and open what they need to without any further interruption.

If there is something wrong to be found with the contents of the email then the user is stopped from opening any links or attachments.

If the user clicks on a link that is malicious then the browser will be opened and they will be faced with a red screen informing them that there is an issue with the link and that it is highly recommended that they do not proceed in going any further.

On the other hand, if the user tries to open an attachment that is viewed as malicious by Advanced Threat Protection then they are not able to open the document.

Protection against unsafe attachments

Advanced Threat Protection adds a new feature to Office 365 that scans all attachments with a real-time malware behavioural analysis. What this means is that if you receive an attachment it is scanned before you can open it to check it’s safe. The scan evaluates the content in the attachment for suspicious activity, if it believes it is suspicious the recipient will not be able to open it.

Protection against malicious links

One feature of Advanced Threat Protection is that it scans any links in emails for malicious content. The security add-on then goes a step further and rewrites the URLs to go through Office 365. Any URLs are scanned as the user clicks on them and if the link is malicious the user is warned that the site has been blocked or not to visit it. The feature even comes with reporting so that administrators can see who has clicked on a link and when they clicked on it.

Reporting and tracking

Advanced Threat Protection also gives you access to data to gain insight into what is going on with the security in your organisation. You can access reports that highlight and investigate messages that have been blocked and where links have been clicked on.

Benefits of Advanced Threat Protection

Advanced Threat Protection is an essential tool for businesses using Office 365 as it is an addition that brings little cost and a lot of benefit. The tool removes the risk of human error when it comes to cyber security and makes inboxes a much safer place, especially for those that are not overly IT literate.

Advanced Threat Protection can in most cases be added on to your Office 365 subscription for as little as £1.50 per user per month, making it a low-cost tool to mitigate high risks.

One of our essential steps to cyber security is end user education. We always recommend that you make sure that your staff are trained to recognise security threats. We also recognise that no matter what training we are given we can all still make mistakes. Advanced Threat Protection is a brilliant tool to mitigate against those mistakes.

Added security for peace of mind

By enabling this security add-on in Office 365, you are increasing the safety of your network. You will no longer need to worry about staff vigilance and whether they click on emails and attachments without thinking. To a certain extent, the technology with Advanced Threat Protection will do the thinking for you now. It analyses whether the content is safe before allowing your user access to it. Even if your users are pretty savvy when it comes to malicious emails, the malware behavioural scanning that comes with this add-on will be able to come to a more accurate conclusion than a member of your team, especially if it appears that email is from someone they know.

We would love to hear your thoughts and ideas on Advanced Threat Protection. If you would like to know more, say hello today and call 01675 469020 or email hello@acutec.co.uk

Wait! Before you go...

We hope you found this article useful. If you did, why not sign up for tech updates before you go? You’ll be first to be notified on new updates

    teams ebook
    Get your copy of the ACUTEC Guide to Teams 2020 while it’s hot!