Microsoft Defender for Office 365 Gets Differentiated Protection for Priority Accounts

security hero

Microsoft Defender for Office 365 is getting a new update that lets enterprise admins prioritize threat protection for critical users. The priority account protection feature, which was announced back in February, started rolling out earlier this week, and it should hit general availability next month.

For those unfamiliar, Microsoft Defender for Office 365 introduced priority accounts support back in 2020. The feature enables IT admins to tag sensitive email accounts in an organization to prevent sophisticated attacks and security breaches. It is designed to protect employees such as managers, executives, and leaders who have access to sensitive information.

With this release, Microsoft Defender for Office 365 service now uses machine learning to better protect users tagged as priority accounts.

“By focusing on these specific user sets and the attacks targeting them, we were able to enhance machine learning models to provide a higher level of protection. We were also able to adjust other aspects of the protection stack such as how messages are handled in our detonation chambers, again increasing the protection provided to these accounts,” Microsoft said yesterday.

priority account protection

How to configure priority account protection in Microsoft Defender for Office 365

Microsoft says that the priority account protection feature is enabled by default for all “pre-identified critical users” in an organization. However, IT admins will be able to manually turn on this feature by following these steps:

  1. First up, head to the Microsoft 365 Defender portal and navigate to Settings >> Email & collaboration >> Priority account protection.
  2. Finally, turn on the Priority account protection option, as shown in the screenshot above.

Additionally, Microsoft Defender for Office 365 has added a new Context filter in the Threat Explorer view. It allows IT admins to view malicious emails targetting priority accounts. Microsoft has also updated the Threat Detection Details tab on the Email Entity page with stats such as security threats and corresponding detection details.

Microsoft Defender for Office 365 Gets Differentiated Protection for Priority Accounts

Last but not least, Microsoft Defender for Office 365 now lets IT admins create custom alert policies. It is also possible to use priority account tags for running simulated attacks on end-users.

The priority account protection feature is currently available for Microsoft Defender for Office 365 Plan 2 subscribers (Office 365 E5, Microsoft 365 E5, or Microsoft 365 E5 Security). If you’re interested, you can find more details on this support page.