Tips for Staying Safe with Office 365 Advanced Threat Protection


We take security very seriously here at Tolar Systems. That’s one reason we’re so excited about the latest security feature that’s available with Microsoft’s Office365 software. The feature is called Office365 Advanced Threat Protection: it helps keep users and businesses safe from a variety of online threats.

On today’s blog, we’ll talk about what Advanced Threat Protection is, how it works and how users can make their online experience safer by using it.

What is Office 365 Advanced Threat Protection?

In recent months we’ve seen cybersecurity become a growing concern for the small and medium size businesses we serve. In fact, in 2018, we estimate that about 25 percent of our support tickets were spam or malicious email-related. That’s why we’re excited to introduce Microsoft Advanced Threat Protection, or ATP, a new security feature available with Microsoft Office365.

ATP isn’t just a virus or malware scanner. It uses machine learning to protect your business when users open attachments, click links, work in cloud-based collaboration environments such as OneDrive, Sharepoint and Teams. It even protects against phishing attempts in email.

The ATP feature “suite” is comprised of several elements:

  • ATP Safe Attachments operates in your email environment to protect your users and systems from malicious email attachments. When an email with an attachment is opened, ATP Safe Attachments routes the attachments to a dedicated environment where it is scanned to determine whether the attachment contains viruses or malware. This feature utilizes machine learning to dynamically determine whether the attachment is safe to open. If it is, it is routed out of the analysis environment, directly to your inbox.
  • ATP’s Anti-Phishing protection also uses machine learning within your email environment to determine whether an incoming email has indicators of a phishing or impersonation attempt. If an impersonation attempt is detected, ATP Anti-Phishing Protection then triggers the other ATP responses (Safe Links, Safe Attachments and ATP for your cloud collaboration environments and data storage) according to the policies your organization has predetermined.
  • ATP Safe Links scans links in email and throughout the Office application suite to ensure that any links users encounter are safe to open. ATP allows users to click to open safe links, while unsafe links are blocked.
  • ATP for OneDrive, Sharepoint and Teams – Office 365 ATP isn’t just another email protection tool. It can also work within your other cloud collaboration environments such as OneDrive, Sharepoint and Teams, to improve security in team sites, document libraries and team messaging.

Using Office365 ATP

When using Office, ATP works in the background of your email, browser and collaboration applications like OneDrive, Sharepoint and Teams to keep you safe. From a user perspective, ATP is very easy to use. Here are some tips to have the best experience when using Microsoft Office365 Advanced Threat Protection or ATP:

  • Office 365 Advanced Threat Protection safelinks When using links in email or other programs, hover first over the link before clicking. ATP will quickly analyze the link to determine if it’s safe. If it is, the link will open on click. If not, the link will be rerouted to a page that looks like the image at right.
  • Be patient when opening files in email or other collaboration environments. ATP will open files in a secure environment so that they can be analyzed for threats, and it may take a few moments for this process to be completed.

For business owners and IT administrators, there’s a bit more involved in using ATP. ATP is centrally administered in each organization by the Office365 Global Adminstrator, Security Adminstrator or Exchange Online Organization Manager. At Tolar Systems, this is something we handle for our clients. ATP settings should be aligned with organizational security policies to provide maximum security benefit to your organizaiton, with minimal impact in terms of blocked emails from safe senders.

What Else Can Office365 ATP Do?

For IT managers and executives, ATP isn’t just about blocking links and preventing malicious files from being opened. It can also provide reports and threat tracking that allows an organization to understand what threats are most likely to target their business in the near future, and respond more effectively. ATP threat intelligence provides information about the latest malware trends and how to prevent them from attacking your business. You can analyze recent threats to your business, and even prepare for a future attack by using the ATP Attack Simulator to learn if your current security measures will be enough to protect you in case of a cyberattack.

Get Office365 Advanced Threat Protection from Tolar Systems

Tolar Systems is rolling out Office365 ATP across the organizations we work with as part of our efforts to put security at the forefront of our managed IT services.  If you’re a Tolar client, you may have already noticed ATP working in the background to protect you when working online. If you’re not a Tolar Systems client, but you’d like to learn more about ATP and how it can protect your business, contact Tolar Systems today.