Office 365 Advanced Threat Protection 101: ATP
Safe Links Policies
Previously, in Part 2 of this Office 365 Advanced Threat Protection 101 article series, we explored how to create ATP Safe Attachment policies and how to enable ATP protection to files in SharePoint Online, OneDrive for Business, and Microsoft Teams. Now, in this final article in our series, we will explore ATP Safe Links, which can help protect your organization by providing verification of URLs in email messages and Office documents.
With ATP Safe Links enabled, if a user clicks on a link in an email and the URL has been blocked by your organization’s custom blocked URL list or if the URL is determined to be malicious, then a warning page opens. I won’t be going into much detail about how ATP Safe Links works, as Microsoft has written a good article here.
Like the other ATP features, you’ll need to define a policy to control how ATP Safe Links protects your users.
Creating Your First ATP Safe Links Policy
Like ATP Safe Attachments, there is a default ATP Safe Links policy enabled when you purchase ATP. This default policy only offers basic protection. In this section, I’ll show you how to create a custom ATP Safe Links policy that applies to your primary mail domain and applies Safe Links to e-mails received from outside your organization and e-mails sent within the organization.
In this scenario, we’ll be creating a policy that does the following:
- Applies to the imaginet.com domain
- URLS are checked when a user clicks on a link
- Apply safe links to messages sent within the organization
- Prevent user from proceeding to unsafe URLs
Similar to my previous article on ATP Safe Attachments Policies, we’ll want to head over to the Office 365 Security & Compliance Center and go to Threat Management, then go to Policy in the side navigation bar. Then click on the ATP Safe Links tile.
At the Safe Links page, click on the Add button under the “Policies that apply to specific recipients” heading.
The new safe links policy window will open. Specify a name and description for your Safe Links policy.
Now, we’ll enable the following:
- On-URLs will be rewritten and checked against a list of known mailicious links when user clicks on the link.
- Use Safe attachments to scan downloadable content.
- Apply Safe links to messages sent within the organization.
- Do not let users click through safe links to original URL.
If you have URLS you wish not to be rewritten, enter them here, and they will be excluded from the URL rewrite. In this scenario, I’ll be leaving this blank so all links are rewritten and scanned using safe links.
Lastly, we’ll apply this policy to the recipient domain imaginet.com.
Review these settings, and then click Save to create your first ATP Safe links policy.
How Does This Impact My Users?
With your ATP Safe Links policy turned on, users may notice that hyperlinks in e-mails they receive will contain a slightly longer URL when they hover a link.
Clicking the link firsts takes you to https://na01.safelinks.protection.outlook.com but then immediately redirects you to the actual URL. If the URL has been scanned and has been determined to be safe, then you will be redirected to the original URL.
However, if the link is scanned and found to be malicious, you will be presented with this page.
ATP Safe Links just adds another layer of security in combination with ATP Anti-Phishing and ATP Safe Attachments to protect you and your users from the threats that seem to just around the corner.
In this scenario, we created a new ATP Safe Links policy and applied it to our primary mail domain; however, I do want to note that these policies should always be tested first prior to deploying them to the entire organization. I would also recommend keeping an eye on the Threat Management Dashboard after you have tested and deployed these policies in case exceptions are needed if there are too many false positives.
Need Help with Your Office 365 Advanced Threat Protection?
If you are looking to get started with Office 365 Advanced Threat Protection (ATP) and would like some professional assistance, just know that Imaginet is here for you. Our Imaginet-certified Office 365 experts can help you with any of your Office 365 initiatives. To find out more, schedule your free consultation call with Imaginet today.
Thank you for reading this post! If you enjoyed it, I encourage you to check out some of our other content on this blog. We have a range of articles on various topics that I think you’ll find interesting. Don’t forget to subscribe to our newsletter to stay updated with all of the latest information on Imaginet’s recent successful projects
discover more
Idle Session Timeout: What it is and How it Affects Security & Productivity
Idle Session Timeout: What it is and How it Affects Security & Productivity April 24, 2024 In today’s digital age, many organizations are now using cloud-based productivity suites such as…
Adapting to Change: How to Do It and Why It’s Essential
Adapting to Change: How to Do It and Why It’s Essential April 25, 2024 Some organizations are risk averse which often means they avoid change to reduce risk. This…
The Imaginet Difference: Boutique In Size with Big Results
The Imaginet Difference: Boutique In Size with Big Results April 09, 2024 Since 1997, Imaginet has been a proud Microsoft Partner. We offer a variety of Microsoft-related consulting, implementation, and…
Let’s build something amazing together
From concept to handoff, we’d love to learn more about what you are working on.
Send us a message below or call us at 1-800-989-6022.