Come to Know About The Procedure to Setup Office 365 Anti-Phishing Policy

Marketing Team Cloud Security Expert - CloudCodes Software
  • December 23rd, 2020

ATP anti-phishing protection is a part of Microsoft Office 365 advanced threat protection. This helps in securing enterprises from harmful impersonation-based phishing attacks. A phishing technique is used by attackers to achieve crucial information like financial information, account login credentials, business core documents, etc., from the target machine. Attackers attempt different smart tricks for the creation of a sense of urgency for motivating end-users to click on a malicious file so as to spread the virus in the shortest time period. Therefore, if you are an Exchange Online tenant enterprise security or global administrator, setup Office 365 anti-phishing policy in your account.

Quickly Have a Quick Glance on Office 365 Anti-Phishing Policy

Phishing attacks are present in a variety of forms to deal with attacks ranging from commodity-based to targeted spear. In today’s era where already lots of working stuff is present, it is difficult for a tenant administrator to determine sophisticated attacks. To help out customers with this problem, Microsoft introduced this policy in Office 365 advanced threat protection. It is present with a limited set of anti-spoofing protection, which is aimed at the prevention of deception-based and authentication-based attacks.

Please Note – Microsoft offers Office 365 anti-phishing policy only for Enterprise E5 license users. If your business is working with another license, you have to purchase ‘Advanced Threat Protection’ as an add-in. Also, ensure that your industry works with the latest edition of Office 365 ProPlus on Windows OS for taking complete benefit of the respective policy.

Check for Prerequisites Before Office 365 Anti-Phishing Policy Setup

Prior to the setup of the O365 anti-phishing policy, check for the following prerequisites and then, go for the policy enforcement:

  1. Ensure that you are an authentic member of either of the Enterprise administrators or Security administrators role groups.
  2. Read each and every option provided on the official site of ATP’s anti-phishing policy.
  3. When you are done with reading of policy options, patiently decide how many policies are required for your business and then, give priority to each of them.
  4. Prepare your mind with the fact that you are going to spend 15-30 minutes in setting Office 365 anti-phishing policy.

Step-wise Procedure to Implement Microsoft Policy

The team of CloudCodes solution found that several people are known from the concept of anti-phishing policy but, unknown from its implementation. Therefore, below-listed is the description of the process in a step-by-step manner to enforce O365 anti-phishing policy:

    1. Open any one of the web browsers on your system and locate toward O365 Security and Compliance center of your admin account
    2. Move towards the left-hand side of the screen and click on Threat Management >> Policy
      Office 365 anti-phishing - step 2
    3. A policy page gets loaded in which you have to perform a single click on ATP anti-phishing
      Office 365 anti-phishing - step 3
    4. Now you are going to find the +Create button on which you have to attempt a click. Here, you will start with the creation of a new policy for prevention from phishing attacks.
      Office 365 anti-phishing - step 4
    5. An anti-phishing configuration window gets opened in which you have to describe the policy name and provide its short description. Click on Next to proceed with the creation of the Office 365 anti-phishing policy.
      Office 365 anti-phishing - step 5
    6. Explore the menu of Add a Condition and define the policy condition as per your business requirement
      Office 365 anti-phishing - step 6
    7. Next comes the section to choose a domain name for configuration purpose. You can select the option for custom domains to be enforced in Exchange Online tenant through this policy.
      Office 365 anti-phishing - step 7
    8. If you want to add more conditions to this new policy, click on the Add a condition button. Otherwise, hit on Next
      Office 365 anti-phishing - step 8
    9. A ‘Review Your Settings’ page gets loaded in which you have to recheck all the entries made by you for a new policy, carefully. If you desire to change the configuration, click on the Edit link.
      Office 365 anti-phishing - step 9
    10. Finally, click on the Create this policy button to implement this newly created policy in all associated user accounts.
      O365 anti-phishing - step 10

Conclusion: Office 365 Anti-Phishing Policy

The phishing attack is basic source of tension for enterprises today, specially for those who are having online business. Microsoft realized the pain point of its clients, and being a responsible CSP, it introduced Office 365 anti-phishing policy. Now its time for customers to wake up and utilize the add-on provided to them for experiencing a safe working with cloud computing technology.