Taking a Look at Advanced Threat Protection (ATP) from Microsoft

Reading email on laptop
Published | February 25, 2020

Advanced Threat Protection, or ATP from Microsoft is a cloud-based email filtering service that protects against unknown malware and viruses while safeguarding our users from harmful threats in real time. ITS has been testing the service in a live environment for several months. Our primary goal is to observe and analyze real-time performance and behaviors of the software to better inform our approaching implementation strategy.

“Cyber-criminals employ increasingly sophisticated tactics including email impersonation, legitimate looking fraudulent login pages to harvest credentials, fake invoices/documents attachments, and misleading hyperlinks. To help us identify deceitful campaigns, we have licensed Microsoft Advanced Threat Protection (ATP) to identify and block these threats.”

Dean Tallman, ITS Chief Information Security Officer

ATP is yet another step in a recent series of measures (e.g., Duo MFA, Okta Single-Sign-On, etc.) ITS has begun to implement for the purpose of protecting W&L’s network from a broad array of cyber attacks. In today’s hyper connected world, it’s important to ensure network integrity by focusing on proactive strategies rather than recovery & repair.

Divider line

Post Updated March 27, 2020

Effective immediately, ITS is enabling Advanced Threat Protection (ATP) from Microsoft. With ATP, emails will now be back-checked against a real-time database of threats to minimize clicks, attachments and spoofing attempts that pose a threat to you. While there’s nothing you need to change in your email set up, we wanted to point out that emails may appear a bit different from what you’re used to. Take a look at the screen shots below to get an idea of the helpful changes coming your way.

A. When you hover over a link with your cursor, the original URL will be displayed for you to view.
B. In addition, you will notice a second URL that appears at the bottom (https://nam03.safelinks…), letting you know that Safe Links is enabled.

If you click on a link that Safe Links has determined to be harmful, you will see a warning similar to the screen shot below.

Divider line

ATP Anti-Impersonation

Divider line

ATP Safe Attachments

Microsoft CEO Satya Nadella emphasizes that organizations need a combination of security products and operational security posture. ITS recognizes the importance of this position and intends to utilize the ATP service as a means to both inform and enhance our ability to keep the campus network protected, as much as possible, from threats.

You may also like…