What it is
Defender for Office 365 improves the security of your Office 365 account, including your @cam.ac.uk email address on Exchange Online.
Threats in emails and files are identified and mitigated in collaborative tools, such as Teams or SharePoint. Targeted attacks such as scam emails, spear-phishing, general spam, ransomware, and malware are prevented. Defender for Office 365 enhances the features provided in Exchange, known as Exchange Online Protection (EOP).
SafeAttachments for Exchange
This checks email attachments for malicious content. If no suspicious activity is found, the message is forwarded to the mailbox.
SafeAttachments for SharePoint, OneDrive, and Microsoft Teams
This identifies and blocks malicious files when users collaborate and share data.
SafeLinks
SafeLinks provides URL scanning and rewriting of inbound email messages in mail flow, and time-of-click verification of URLs in email messages and other locations. Links in emails are rewritten and are scanned when a user clicks on them; such that approved links remain accessible and malicious links are dynamically blocked.
A malicious link that is not spotted by Defender can be added to the malicious category by the UIS Service Desk or CSIRT. It takes approximately 1 minute for this update to take effect. This allows UIS to protect users from malicious links in their emails while working at home, a significant improvement in response capability.
How to get it
Defender for Office 365 is automatically applied to all staff and student Office 365 accounts.
How to use it
Defender for Office 365 works automatically.
How SafeLinks URLs look in emails
As SafeLinks rewrites the URLs in emails, it can have a visual impact on emails in the email client. This occurs when an email is displayed in plain text format, rather than HTML format.
Here is an example of a URL (http://www.theoakbistro.co.uk) rewritten in a plain text email:
Checking the orginal URL when a SafeLink is difficult to read
If your mail client is having difficulty displaying a SafeLink and you wish to check what the underlying URL is, you can use a website like https://www.o365atp.com/
How we use SafeLinks to protect University staff and students
We use SafeLinks to block malicious URLs that have been reported to the UIS Service Desk. Our staff add newly reported malicious links to the SafeLinks list which protects staff and students if they were to click on them.
SafeLinks exemptions
All *cam.ac.uk URLs are exempted from SafeLinks to improve user experience. Also, we can provide a SafeLinks exemption for specific URLs that meet the following criteria:
- The URL is work-related.
- The URL is a sub-domain or site, e.g. https://www.cambridge.science.com or https://github.com/cambridge (but not www.science.com or github.com).
- The re-written URL is causing technical problems for a system or service.
Exemptions are not provided for specific people or mailboxes.
Help and support
For help and support please contact the UIS Service Desk.