Advanced Threats Protection for Microsoft Teams

Posted by

The inclusion of O365 ATP is a a great tool in included inside the Security and Compliance Center it allows to analyze deeply URL’s and attachments before letting end-users accessing it, the bad part, it is included in E5 O365 licenses, if you want to learn more about ATP check the following link: https://support.office.com/en-us/article/Office-365-Advanced-Threat-Protection-e100fe7c-f2a1-4b7d-9e08-622330b83653?ui=en-US&rs=en-US&ad=US

To enable ATP for SharePoint and Teams, go to the Security and Compliance administration center (https://protection.office.com/) and then go to Threat Management,

atp1 atp2

Then check the box Turn on ATP for SharePoint, OneDrive and Microsoft Teams to enable ATP for these workloads

atp3

Then it make take up to 30 minutes to be completed. Once ATP detects a malicious file a notification will be displayed on the SharePoint web page and blocks access to the infected file

atp4

As administrator you can also create an alert to get notified when an infected file is detected on SharePoint, OneDrive or Teams.

While still in the Security and Compliance portal, reach out to the Alerts\Alert policies section

atp5

And create a new alert policy with the following settings:

  • Name: name the alert policy as you want
  • Severity: set the severity as you wish (between low, medium and high)
  • Category: Threat management
  • Activity is: Detected malware in file
  • Leave other settings as default
  • and finally define the recipient(s) for this alert

atp6atp7atp8

 

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out /  Change )

Google photo

You are commenting using your Google account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s