First off, let’s make sure everyone undertands why small businesses are at risk of a cyber attack. The hacker is never just after you. They are after your contacts; who you do business with. Maybe you buy from a large vendor worth millions. It’s easy for them to use you to get to them. These days, cyber security crime continues to increase. It’s important that businesses know all the ways an attack can occur. It can be something as simple as a phishing email or a social engineering attempt. With the simplicity of how these attacks occur in your mind, let’s talk about what Microsoft is doing to help you keep your business protected.

Advanced Threat Protection is a cloudbased filtering service that can protect email attachments, links, files uploaded by users to OneDrive for Business, Share-Point online and Teams. It can also detect links to phishing websites, sites with uploaded malware code, and presence of malicious code in downloaded/uploaded files.

There are a few subscription options available, but for now, let’s focus on safe attachments, safe links, safe documents, and anti-phishing.

Safe Attachments

Safe Attachments scanning takes place in the same region where your Office 365 data resides. To find where your data resides, you can go to the tenant specific data location in your Microsoft 365 admin center in Settings > Org settings > Organization profile tab > Data location.

All messages and attachments that don’t have a known virus/malware signature are routed to a special environment where Defender for Office365 uses a variety of machine learning and analysis techniques to detect malicious intent. If no suspicious activity is detected, the messaged is released for delivery to the mailbox.

Safe Links

The Safe Links feature proactively protects users from malicious URLs in a message or in an Office document. The protection remains every time they select the link. Malicious links are dynamically blocked while good links can be accessed. Safe Links are available for URLs in the following apps:

  • Microsoft 365 Apps for enterprise
  • Office for the web
  • Word Excel and PowerPoint for Windows
  • Microsoft Team channels and chats

Please note that users must be licensed for Defender for Office 365, must be included in Safe Links policies and must be signed in on their devices for protection to be in place. Organization-wide Defender for Office 365 is also available.

Safe Documents

If you have the Defender feature in place, did you ever notice how your document is attached in Protected View? Files from the internet and from other potentially unsafe locations can contain viruses, worms, or other kinds of malware that can harm your computer. To help protect your computer, files from these potentially unsafe locations are opened as read only or in Protected View. This allows
you to read a file see its contents and enable editing while reducing the risks.

Anti-Phishing Policies

Anti-phishing policies can help protect your organization from malicious impersonation-based phishing attacks and other types of phishing attacks. Admins can view, edit and configure (but not delete) the default anti-phishing policy. You can also create your own policies; think of it as setting rules to just your mailbox, but with the capability to apply them to the whole organization.

While these features are all in place, it’s also important to educate your staff on security awareness. Teach them to know what to watch out for and what to do when they suspect suspicious activity.


Katie Kremer is a Training and Project Specialist for Office 365, Security Awareness and Nextiva Phone Trainings. Katie has over 15 years of experience in the IT field and a degree in Business Information Systems.