Microsoft Defender for Office 365: Built-in Protection Time of Click URL Email Protection

Originally posted by Microsoft Jan 27, 2023 Microsoft 365 Apps 0 Comments

Last year, we enabled Built-in-Protection in Defender for Office 365 by default for all new and existing Defender for Office 365 customers. Specifically, it added a base level of Safe Links and Safe Attachment protections – delivery time file and URL detonation as well as time of click protection across email, Teams, and Office workloads.

We are now enabling the final remaining aspect of the built-in protection policy: SafeLinks URL time of click email protections.

When this will happen:

We will begin rollout in late February and expect rollout to be complete by late March.

How this will affect your organization:

Built-In-Protection will not impact users who currently have a Safe Links or Safe Attachments policy in place.

Note: For users already covered under the standard or strict preset; or under an explicit custom policy, built-in protection will not impact them as this policy has the lowest priority.

Policies will be applied in the following order of precedence:

  1.  Strict
  2.  Standard
  3.  Custom
  4.  Built-In-Protection or default

If additional domains are added to your tenant, they will automatically be protected through Built-In-Protection with a base level of Safe Links and Safe Attachment. This will reduce the administrative burden and time involved to protect these users, as they’ll get instant protection under the Built-in preset.

What you need to do to prepare:

No security admin action is required. You may want to review the impact to users who are not already protected under a standard or strict preset or under an explicit Safe Links and Safe Attachment custom policy. Although we do not recommend it, you can also configure exceptions to built-in protection based on Users, Groups, and Domains so the protection isn’t applied to specific users.

Additional links:

To learn about the specific settings set by Built-in-Protection, please see: Microsoft recommendations for EOP and Defender for Office 365 security settings

Message ID: MC504323

No comments yet

Leave a Reply

Joao Ferreira

I've been working with Microsoft Technologies over the last ten years, mainly focused on creating collaboration and productivity solutions that drive the adoption of Microsoft Modern Workplace.

%d bloggers like this: