Microsoft Adds Protection For Critical Accounts In Office 365
Microsoft is working on improving Microsoft Defender for Office 365 with priority protection features for accounts of high-profile employees like executive-level managers that threat actors target most often.
Microsoft Defender for Office 365 (formerly known as Office 365 Advanced Threat Protection) provides Office 365 enterprise accounts with email threat protection from advanced threats including credential phishing and business email compromise, automatically remediating detected attacks.
The feature is currently in public preview and Microsoft plans to make it generally available to all customers with Microsoft Defender Advanced Threat Protection in November 2020.
Customers that will get access next month include are required to have Defender for Office 365 Plan 2 subscriptions, including those with Office 365 E5, Microsoft 365 E5, or Microsoft 365 E5 Security.
Easier to focus protection efforts on the C-suite
“Over the past few years, attackers have increasingly moved from targeting infrastructure or devices to targeting users,” Microsoft says in a roadmap entry detailing the new feature.
Also Read: PDPA Breach Penalty Singapore: How Can Businesses Prevent
“As a result, organizations need protection for all users, but even more protection for their most visible and targeted employees.”
Once available, the new feature known as Priority Account Protection would allow an organization’s security team to provide critical accounts with custom-tailored protection measures to prevent targeted attacks that could lead to security breaches.
Priority Account Protection allows prioritizing alerts and threat investigations involving an organization’s most visible or targeted executive-level users.
It also enables security teams to identify attacks targeting critical Office 365 accounts easier and to quickly move their efforts onto campaign investigations involving C-suite users.
“These Priority account tags and filters will surface throughout the product, including in alerts, Threat Explorer, Campaign Views, and reports,” Microsoft further explains.
Microsoft is also working on including SMTP MTA Strict Transport Security (MTA-STS) support in Exchange Online to secure Office 365 customers’ email communication security and integrity starting with December 2020.
Also Read: Data Protection Authority GDPR: Everything You Need To Know
Once MTA-STS is available in Office 365 Exchange Online it will protect the users’ emails against both email interception and downgrade or man-in-the-middle attacks.
Earlier this month, Microsoft announced the general availability of Office 365 consent phishing protections including OAuth app publisher verification and app consent policies.
0 Comments