Default Advanced Threat protection (ATP) as recommended by Microsoft

There is a lot happening on the Microsoft 365 front after spring 2020 when the evolution of the digital workplace accelerated even more. Remote working has led to changes for the whole society. Not least, the focus on IT security has increased as more and more people sit connected on networks that corporate IT managers don't have full control over. This places increasing demands on user identity, i.e. account protection. One way to do this is to ensure that files stored and sent by Microsoft 365 users (employees) comply with the recommendations and policies around IT security.

Microsoft has recently added a security configuration analysis feature to Office 365 Advanced Threat Protection (ATP) and in this blog post we'll go through what the news means.

Easy to follow Microsoft recommendations

In the past, IT security was often seen as something difficult and complicated. Even small configurations required consultants to fiddle and fiddle for almost as long as it took. But with smart new standardised settings, Microsoft 365 users no longer have to throw themselves on the line every time something needs to be changed. There are now features to standardise the entire IT environment and by using these, you are following Microsoft's recommendations.

The new feature catches errors and ensures that everything is configured correctly. No one has to build things that are now built into the system. Microsoft's Configuration Analyzer is the place to compare your own policy settings with Microsoft's recommended settings for EOP and Office 365 ATP.

Central settings for IT security

The default policy settings are not configurable, but are optimized by Microsoft based on observations and experiences from different data centers. The aim is to keep malicious content out without disrupting your work processes. The preset means you have a central place to apply all the recommended settings for spam, malware and phishing.

For you as an IT manager, it's easy to implement these settings for your entire organisation. You don't need to bring in third-party analytics tools for your email security and avoid expensive consulting hours to get the settings right for your IT environment.

How Configuration Analyzer works in brief

When you choose to implement Configuration Analyzer along with Microsoft's recommended security settings, you will get:

1. Clear indications of your position in the form of colour codes:

Green: All settings in all existing policies are at least as secure as the protection profile .

Yellow: A small number of settings in existing policies are not as secure as the protection profile.

Red: A large number of settings in existing policies are not as secure as the protection profile. This can be a few settings in many policies or many settings in one policy.

2. Ability to detect security gaps through testing and then receive suggestions for changes in settings and remediation if something proves to be wrong.

3. Reduced lead times and rapidly increased IT security because Configuration Analyzer is already built into Microsoft 365.

Of course, despite preset recommendations, there will be situations where exceptions need to be identified. This requires experience to avoid unnecessary mistakes that could lead to legitimate e-mails being stopped and not reaching their destination. This tool enables much of the work to be done at the touch of a button, making implementation both faster and more cost-effective for the customer.

Gustav Hallencreutz
Gustav Hallencreutz

Technical Lead - Security and Compliance

040 - 626 75 83gustavhallencreutz@wesafe.se

Inspiration and knowledge straight to your inbox

Sign up for our monthly inspirational newsletter that provides tips, insights and advice on new ways of working, processes and security related to Microsoft 365, Azure and various tools in the Microsoft cloud platform.

Free Security Analysis of your Microsoft 365 environment

Free safety analysis

Get concrete and actionable tips on how to better protect your organisation

Read more and book

Are you interested in other blog articles about Security and Compliance ?

Want to know how we can help your business with Security and Compliance? Get in touch and we'll tell you more!