Microsoft is rolling out Built-In Protection to Defender for Office 365, a new feature that would automatically enable recommended settings and policies to make sure all new and existing users get at least a basic level of protection.
Microsoft Defender for Office 365 (previously known as Office 365 Advanced Threat Protection or Office 365 ATP) provides Office 365 enterprise email accounts with automated attack remediation and defends them from various threats, including business email compromise and credential phishing.
“Some security controls are inadvertently overlooked, and as a result some or all users are left with incomplete protection,” said Defender for Office 365 Senior Program Manager Sundeep Saini.
“Not turning on these key protection features can lead to unintentionally allowing malicious messages, such as phishing messages, to be delivered to their inbox.”
“We are introducing Built-In Protection for Microsoft Defender for Office 365 to automatically elevate all users within your organization to the base level of security protection,” the company explains on the Microsoft 365 roadmap.
Once enabled, it will protect all existing and new end users across tenants from phishing emails with malicious attachments and links using Safe Attachments and Safe Links without requiring any actions from admins.
Rolling out to tenants worldwide
This new default security preset is designed to patch gaps in enterprise protection coverage and improve an organization’s overall security posture by reducing the risk of a breach.
After rollout, Built-In Protection will also automatically protect uses in new domains added to a tenant with a base level of Safe Links and Safe Attachment, thus reducing the time needed to protect the newly enrolled users.
“We will also release the option to configure exceptions in the Microsoft 365 Defender portal ahead of enabling the Built-In-Protection policy,” Saini added.
“Although we do not recommend it, we recognize the need for some organizations to exclude certain users or groups from Built-In-Protection and admins will have the opportunity to configure these exceptions.”
The rollout for this new default security preset is starting this month and will continue to standard multi-tenants worldwide through the end of the year, reaching general availability in December.