Microsoft Defender for Office 365 to Get Preset Security Policy Improvements In June
Microsoft has announced some improvements coming to the preset security policies in Defender for Office 365 solution this summer. These policy changes should help IT admins use Microsoft’s recommended settings.
According to Microsoft, the preset security policies enable organizations to apply all recommended settings to Office 365 users. The list includes Strict protection, Standard protection, Custom security policies, and Built-in protection (with the same order of precedence).
“Preset security policies use the corresponding policies from the various protection features in Exchange Online Protection (EOP) and Microsoft Defender for Office 365. These policies are created after you assign the Standard protection or Strict protection preset security policies to users. You can’t modify the settings in these policies,” Microsoft explained in a support document.
Currently, IT administrators need to apply Standard and Strict protections to individual users in an organization with an active EOP and P1/P2 subscription. There is also the ability to disable the preset security policies for select users (if needed), but it is not recommended.
IT Admins will soon be able to apply preset security policies to all users
With this new release, IT Pros will be able to apply these security policies either to all end-users or to a customized list of targeted users. Microsoft says that this change will help to protect users from impersonation attacks. “You’ll no longer need to disable preset security policies and create custom anti-phishing policies when all you want is Microsoft’s recommended settings and impersonation protection,” Microsoft noted.
Microsoft says that IT administrators will be able to exclude specific email addresses from impersonation protection. However, it is impossible to completely disable the impersonation protection settings or modify the actions taken against impersonated messages.
Microsoft plans to roll out these simpler policy options to all customers in June, and it should hit general availability in August. The company advises IT Pros to keep an eye on the Microsoft 365 admin center posts for specific release timelines for their tenant.
More in Security
Microsoft Defender Vulnerability Management Adds New CVE Reporting Feature
Jun 30, 2022 | Rabia Noureen
Microsoft Releases Patches to Address Azure FabricScape Flaw Affecting Linux Workloads
Jun 29, 2022 | Rabia Noureen
Microsoft Defender for Identity Can Now Detect Insecure Domain Configurations
Jun 27, 2022 | Rabia Noureen
CISA Warns Unpatched VMware Servers Remain Vulnerable to Log4Shell
Jun 24, 2022 | Rabia Noureen
QNAP Releases Patch to Fix PHP Security Flaw Affecting Select NAS Devices
Jun 23, 2022 | Rabia Noureen
Microsoft Unveils New Edge Secured-Core IoT Devices to Block Firmware Attacks
Jun 22, 2022 | Rabia Noureen
Most popular on petri