Settings

Can I create templates of my own custom settings in Office Protect?

SynopsisCan I create templates of my own custom settings in Office Protect?Applicable toAll Office Protect accountsHow to There are three security profile presets from which to choose. We recommend the strongest profile.Low User ImpactRecommended Best PracticesMax Security If our profil...

7/1/2025 3:46:05 PM

How to apply security settings in Office Protect

SynopsisThis guide explains how to apply security settings in Office ProtectPrerequisiteYou must have an Office Protect accountHow toThere are three security profile presets from which to choose. We recommend the strongest profile with which your company is comfortable. Read the descriptions foll...

7/17/2025 4:51:20 PM

How to set up trusted IPs for Office Protect

SynopsisThis guides will explain how set up trusted IPs for Office ProtectPrerequisiteOffice ProtectAzure Multi-Factor Authentication - full version How to get the full version of MFAHow to The following steps are available only with the full version of Azure Multi-Factor Authentication...

7/17/2025 4:51:54 PM

Office Protect - Settings Overview

Settings ProfileYou can set up your tenant quickly by selecting a Profile suited to your organization's needs. You can also review each event individually and create a custom profile that suits the organization’s specific needs.Profiles do not support setting customizations, such as a customized ...

7/17/2025 4:52:27 PM

Office Protect Settings - Account Passwords Never Expire

Context The National Institute of Standards and Technology (NIST) now recommends requiring a password change only when there is reason to believe it has been compromised. Forced password change encourages weak passwords and bad storing habits. This should be combined with other security measures ...

7/8/2025 8:46:17 PM

Office Protect Settings - Audit Logs Always-On

Unified Audit logs are a requirement for Office Protect, this is how we monitor activity for our clients. If they are turned off, you lose all visibility on the activities of your tenant. It is an organization-wide setting that is enabled/disabled for all users.  If audit logs are turne...

7/1/2025 3:49:07 PM

Office Protect Settings - Block “Bad” File Extension Attachments

Context The vast majority of files sent in emails that are part of our blocked extensions list are security threats. Should the need arise to share such a file, channels other than email should be used, such as file sharing through OneDrive or SharePoint. Office Protect setting Office Protect pre...

7/7/2025 6:52:21 PM

Office Protect settings - Block 3rd party Cloud storage

Context File sharing through Teams uses SharePoint Online by default. However, third-party cloud services can also be allowed: Citrix, DropBox, Box, Google Drive, Egnyte. 3rd party file storage prevents Microsoft from properly auditing the activity on the files. Using multiple sources of file hos...

7/8/2025 8:36:00 PM

Office Protect settings - Block Custom Apps

Context Enabling users to install apps from sources outside of official or trusted sources presents a potential threat of introducing harmful software into the system. The Teams App Marketplace contains curated apps by Microsoft, any other apps that are not part of the catalog should be considere...

7/8/2025 6:48:10 PM

Office Protect Settings - Block Guests from Sharing Content

Context Guest users in SharePoint are quite common in a business setting, but their rights should be limited to the content they have created. They should not be able to share sites, folders or files they do not own, to prevent unwanted data extraction from your business. Office Protect setting I...

7/8/2025 8:13:22 PM

Office Protect settings - Block High Risk Sign-Ins

NEW Security setting! Only available with Entra ID P2 licenses (E5 plans). Before enabling this setting, make sure your users are properly licensed.SummaryHigh-risk sign-ins are flagged by Microsoft’s Entra ID Protection mechanisms because they exhibit behaviors that strongly suggest the accou...

7/17/2025 4:52:50 PM

Office Protect Settings - Block Sign-Ins from Unauthorized Countries

WARNING: The impact of enabling this setting is high: make sure the list of authorized countries is up to date to avoid any sign-in issues. If you apply this setting on many tenants at once through the profile feature, make sure all tenants have the same requirements.SummaryThe Block Sign-Ins fro...

7/17/2025 4:53:02 PM

Office Protect Settings - Block Top Spamming Countries & Only Allow Emails in Specific Languages

Context Limit international spam with Block Top Spamming Countries and Only Allow Emails in Specific Languages settings. Block Top Spamming Countries The Office Protect team pre-determined a list that includes countries with the highest ratio of spam emails versus real emails. You can tweak the l...

7/7/2025 7:06:15 PM

Office Protect settings - Control Guests Access

Context Guest accounts can be easily created through Teams, which can allow hackers to incite users to click on malicious links or socially engineer them. The best practice is to allow guest users to only attend meetings in Teams. This setting will prevent guest users from sending private message...

7/7/2025 7:36:55 PM

Office Protect Settings - Disable Anonymous Sharing

Context In a business setting, there are few reasons to share business files using links that are accessible to anyone on the Web. Anonymous access to SharePoint files does not allow proper user identification and tracking. It makes it very difficult to investigate data extraction. Office Protect...

7/7/2025 6:07:22 PM

Office Protect Settings - Disable Communication with Unmanaged Users

Context Allowing communication with unmanaged Teams users exposes your organization to potential security threats: hackers can exploit this to verify if users exist, and initiate chats for phishing attacks or social engineering. It also opens the door for unauthorized contact, bypassing organizat...

7/8/2025 9:24:30 PM

Office Protect Settings - Display External Tag

Context A common practice for phishing attempts is to impersonate internal users to have them open malicious files or malicious links. Enabling this feature will add an "External" label and a warning to emails sent from outside your organization. This is a tenant-wide setting (not activated per d...

7/8/2025 6:59:12 PM

Office Protect Settings - Do Not Allow Calendar Details Sharing

Context Attackers will often research your organization to prepare targeted attacks. A person's calendar is a great source of such information and should not be shared externally. Office Protect setting By enabling this setting, users in your organization will no longer be able to share their cal...

7/7/2025 7:22:40 PM

Office Protect Settings - Do Not Allow Third-Party Integrated Applications

Context Consenting to applications sometimes allows third parties to access personal information from your users. It's essential to closely audit apps that are installed in your organization. An app that has been certified by Microsoft may seem harmless on its own, but it might also have vulnerab...

7/8/2025 9:09:43 PM

Office Protect Settings - Enable Client Rules Forwarding Block

This Security Control will create a transport rule in Exchange that will prevent users from creating forwarding rules to an external email address. It will reject the messages auto-forwarded with the following message: 'External Mail Forwarding via Client Rules is not permitted'.You can find tran...

7/1/2025 4:06:07 PM

Office Protect Settings - Enable Security Defaults

Office Protect will enable Security Defaults for your organization. Enabling this setting will:Block any kind of legacy authentication to Microsoft 365. For example, any email client that uses legacy authentication mail protocols such as MAP, SMTP, or POP3 will not be able to connect anymore.Prom...

7/1/2025 4:06:41 PM

Office Protect Settings - Enhance MFA

This setting enables some additional features of the Microsoft 365 MFA to help protect users from common attacks. Office Protect configures your Authentication Methods and MFA Registration Campaign to ensure that users that are registered for MFA in your organizations are authenticating using the...

7/17/2025 4:53:19 PM

Office Protect Settings - Exchange Scripting (Powershell) Access

Context To limit the ability of hackers to perform large-scale actions on mailboxes if/when they break in. Such an action can be mitigated by removing the ability to use PowerShell from users who will not need it for day-to-day email usage. Removing from administrators may limit your ability to u...

7/8/2025 8:20:37 PM

Office Protect Settings - Flag Attachments containing Links

A common practice for phishing attempts is to include an attachment mimicking an invoice, or document, containing a link to a webpage that will either request credentials under false pretense or directly try to exploit the user's web browser.This setting will add a message to any email with an at...

7/1/2025 4:08:28 PM

Office Protect Settings - Flag Phishing Emails Using Tenant Domain or Staff Name

Attachments containing links are often used for phishing. A common phishing practice is to use a staff member's name (CEO name is most common) and/or your own domain name in the "From" of a phishing email. This setting will add a message to any email using this technique. It will not prevent the ...

7/1/2025 4:09:03 PM

Office Protect Settings - Mailbox Audit Logs Always-On

Mailbox audit logs are a requirement for Office Protect as this is how we monitor activity for our clients. If they are turned off, you lose all visibility of the Exchange activities of your tenant. This is a user-based setting, which means Mailbox Auditing must be turned on for all users individ...

7/1/2025 4:09:38 PM

Office Protect Settings - Microsoft 365 can remove dangerous emails/files from your inbox

Allow Microsoft to remove files and emails from your user's inboxes if they are found to be dangerous after delivery.All email messages are evaluated for viruses and other threats before being delivered to your Inbox. Sometimes, a message that was judged to be ok will later be found to be a threa...

7/1/2025 4:10:13 PM

Office Protect Settings - Safe Attachments

Context Attackers can use malicious attachments to gain access to sensitive information, steal credentials, or install malware on a victim's computer. Safe Attachments is a feature in Microsoft Defender for Office 365 that helps protect against these types of attacks by scanning email attachments...

7/8/2025 7:33:26 PM

Office Protect settings - Safe Documents

Context Attackers can often gain access to sensitive information, compromise systems or launch ransomware attacks by tricking users into downloading malicious documents or attachments. This can lead to data breaches, financial losses, and damage to your organization's reputation. Safe Documents i...

7/8/2025 8:07:53 PM

Office Protect Settings - Safe Links

Context Attackers often try to obtain sensitive information through phishing attacks, which involve tricking a user into clicking on a link that leads to a malicious website or downloading malware. Phishing attacks can compromise sensitive data, lead to financial losses, and damage reputation. Sa...

7/8/2025 7:57:41 PM

Office Protect Settings - Set Outbound Spam Notifications

Context A normal user that suddenly starts sending out spam is often a sign that the account was breached and is now being abused. Even if the account was not breached, a spamming account should be temporarily disabled for investigation. This feature is part of the Microsoft 365 Anti-Spam Policie...

7/8/2025 8:30:14 PM