Office 365 become more and more popular around the world, especially in International Education Market in China. Everyone willing to use it because you can integrate lots of the cool stuff into one place and it is not blocked in China (Most of the time 😊). If your school already use most of the Office 365 services, the security problem is the most major concern we should take action as soon as possible.
Phishing email is one of the biggest headache from all Office 365 user. Let’s take a look with the screen shot I take from Vade Security and you can find more detail from the link below:
Well, that is fair. In china, we called it “The shot hits the bird that pokes its head out”. Office 365 got the largest numbers of business users, and it cost almost very low for the hacker to send the phishing email to the end user all at once. However, if one of us click the phishing email and type in their own credential, the hacker can not just got in your account, he may also know the whole relationship from your company. This is not a joy, this story happen at our school at the beginning of this school year..
Let’s review the current security setting we deploy on our tenant, we are Using Office 365 A3 license so we got the Office 365 EOP (Exchange Online Protection) . Meanwhile, we have Deploy the SPF/DKIM/DMARC. Our tenant did works fine start at the beginning in 13-14 school year. But somehow start at 18-19 school year, we start to hear that we got more and more phishing email and some of our VIP user even got hacked because of they click into the phishing email this school year. We confirm with Microsoft, all the currently setting we deploy in our tenant is right and this is all we can do right now. Well, this is definitely no the right answer to my Boss, I will said: James, I need a solution!
OK, so I spend lots of time to review different kinds of solution including the Microsoft own solution, Cisco, Barracuda, Symantec etc. Finally, we choose the Microsoft own solution. (PM me if you need to know why I make this decision). Finally, I decide to use the Microsoft ATP P2 solution. If you are already using office 365 A3 license, I strongest suggest you to directly upgrade few license to Microsoft 365 A5 and then you can open the door for the new world.
Most of you may know that if you upgrade your license to Microsoft 365 A3 or A5, you can got Azure Active Directory Plan1/2; Intune, Minecraft Education etc, That is what I focus on last couple months. However, I have to said that security part is the most valuable feature compare with the others. You can check all the detail from the link below:
As we can do lots of different security policy once we got the Microsoft A5 license and I don’t have enough time to test it all at once. So I will focus on the email security part first.
- ATP anti-phishing
- Safe attachment
- Safe link
These four setting is the most major security setting should deploy it from ATP, I will cook up another article to explain how to set it up later.