News
Office 365 Advanced Threat Protection Now Supports SharePoint Online, OneDrive and Teams
Microsoft announced today that its Office 365 Advanced Threat Protection service is now commercially available for use with SharePoint Online, OneDrive and Teams.
The Office 365 Advanced Threat Protection service uses signals from Microsoft Intelligent Security Graph search technology to detect malware and threats. It also scans for usual user behavior. The service consists of "safe links, safe attachments, spoof intelligence, and advanced anti-phishing capabilities," according to a Microsoft support article description.
The Office 365 Advanced Threat Protection service was originally rolled out in April of 2015, but its ability to protect SharePoint Online, OneDrive and Teams specifically is now at the "general availability" stage, meaning it's deemed ready by Microsoft for use in production environments. Its extension to protect those applications had been highlighted back in September as part of the Microsoft Ignite event announcements.
Organizations with an Office 365 Enterprise E5 or Education A5 subscription have access to the Office 365 Advanced Threat Protection service. It's also available as an addition to various Office 365 subscription plans, as described in Microsoft's announcement.
Microsoft began rolling out the availability of the Office 365 Advanced Threat Protection service for SharePoint Online, OneDrive and Teams late last month. It's arriving gradually, though, over the "next several weeks," according to the support article.
Users of "premises-based" apps don't have access. For instance, organizations that use SharePoint Server in their own datacenters don't have access to the Office 365 Advanced Threat Protection service, according to the support article.
The Office 365 Advanced Threat Protection service for SharePoint Online, OneDrive and Teams has to be turned on by a global administrator or security administrator. A prerequisite is that audit logging must be turned on first. It takes 30 minutes for the Office 365 Advanced Threat Protection service to become activated. IT pros can then set up alerts when malicious files get detected, but the files are also logged in an overall report.
The service will mark malicious files housed in document libraries. People can still see the file in a list, but they will be blocked from opening them. Microsoft's service doesn't scan every file. Instead, it acts on files that are identified by its "smart heuristics."
About the Author
Kurt Mackie is senior news producer for 1105 Media's Converge360 group.