Advanced Threat Protection in Office 365

As the Internet has grown, with it being predicted that three-quarters of the world’s population will be online by 2022, so has cybercrime. Although there are many sophisticated applications available to block cybercriminals, one of the greatest dangers to a company’s or individual’s security is human error, with it being estimated that 90% of security breaches are a result of user mistakes. Microsoft’s new Advance Threat Protection (ATP) in Office 365 aims to mitigate or even abolish this problem by offering complete protection against malware, viruses, and phishing attacks.

Office 365 ATP filters emails coming into a computer or system, offering real-time analysis of threats and protecting against malicious links. Its URL tracing feature gives administrators the capacity to monitor every URL link that comes in via email. When the recipient of an email clicks a link, ATP undertakes scanning and analysis and will block access to unsafe or suspicious URLs.

The problem with malicious attacks up to now is that antivirus software can only identify threats once they have been activated, i.e., the software will only have threats on its database once they have appeared. ATP not only blocks threats it already has in its database, but puts all other emails into a virtual holding pen in which content is monitored and analyzed. Emails are only allowed through to the user if they have been thoroughly scanned and marked as safe.

Another feature of ATP is that it assists users in identifying spoof emails. Spoof emails are ones that imitate a user’s own domains and those of trusted partners, tricking users into opening emails containing threats. With ATP, the software tracks and monitors all emails in a system, both those coming from outside and internal ones, and alerts the user to the danger. It does this rather than immediately block such emails because there may be a reason for an email to spoof a user’s domain, e.g., when an external advertising company is providing services centered on the user’s domain.
ATP is fully customizable for all users, and administrators can visit the ATP dashboard to see the ways in which the software is protecting their system and which URLs and emails it has been blocking.