Sydney Outsourced IT Services Blog
What Are ATP and Safe Links?
ATP is a form of security feature developed by Microsoft for Office 365, an acronym for its Advanced Threat Protection software package that users are able to purchase for improved security features within the program. They are recommended by Microsoft for business use, claiming to help organizations better secure their operations through the providence of programming that verifies the websites used in emails and document files created through the software within its packages.
After the upgrade to Office 365 is purchased and installed, users working as administrators can create a custom ATP policy that affects website recognition and email security features across the entirety of the network. Additionally, security reports can be reviewed to show sources of attempted violations, potentially identifying internal vulnerabilities or violators in addition to providing some groundwork for ongoing security developments and improvements.
The security feature has been increasingly used in businesses since the final business quarter of last year, and now is considered a viable benefit in addition to email account securities. According to Microsoft, businesses should consider whether the software is a worthwhile investment, while users may wish to combine the investment with Gmail accounts to avoid vulnerabilities to BaseStriker approaches to email phishing.
How Can ATP and Safe Links Help Against Cyberattacks?
Microsoft has developed a number of improvements to ATP in an attempt to increase the security of their customers’ accounts. Following their initial development and release for sale, the software has been upgraded several times. As of last year, Safe Links were added to ATP to relate to URLs for the ProPlus documents of Office 365, including those that are connected to Excel, PowerPoint, Visio, Word, and Office apps available on iOS and Android.
In March of this year, Safe Links were improved to be used to address security vulnerabilities involved in emails sent by business employees and users. To better address security violations and potential hacking from all sources, Microsoft has applied numerous patches and upgrades.
As this threat had not been considered sufficiently addressed through previous versions, new upgrades would be considered beneficial to users and organizations. Safe Links were further improved for application in commonly used Office 365 programs for their online versions, better protecting online users of Word, Excel, PowerPoint, and OneNote.
The software was further updated to better protect Mac-based ProPlus users. In May of this year, ATP developments have been upgraded as well to give more consideration to color schemes, email details, and site links. While ATP is included in extended Office 365 subscriptions, such as the Enterprise E5, Business, and Education A5 subscription packages, it is not offered to basic users. Microsoft currently recommends that users reaffirm the effectiveness of their purchased ATP Safe Link protection through the maintenance and examination of the latest threat reports possible through ATP, as well as updated Safe Links policies. These explain the extent that the features apply to hyperlinks in messages and files.
While Safe Links are considered a useful and practical improvement, they have security vulnerabilities that should be addressed. They are regarded as a fundamental step in protecting against phishing, but are not considered all-encompassing. Outlook email accounts can experience better protection against phishing vulnerabilities when various security programs are combined.
Avanan recognizes Gmail as being the best choice for use in combination with ATP and Safe Links, although this may change in the future as both security and the nature of remaining vulnerabilities change in line with phishing developments.
What Is baseStriker?
BaseStriker is an example of a phishing approach that currently can bypass even the more advanced ATP and Safe Link developments. It involves the use of an additional tag that the security features of Microsoft alone currently cannot detect. This has led to the recommendation that organizations use Gmail rather than Outlook to safeguard against this aspect as well.
Avanan also recommends that users give consideration to the potential for Safe Links to be bypassed with misdirected IP traffic. In addition, they may have the capacity to be bypassed with obfuscated URLs, and the inability to perceive where email links go.
According to findings at Vanderbilt University and through program use, one of the biggest criticisms of Safe Links is that they create false senses of security. Users may believe they are protected against certain phishing and cyber threats when they are not. Therefore, businesses that fail to use other recommended precautions can actually increase their vulnerability. In the end, Microsoft Office 365 security is better than many other similar programs available.
What’s The Bottom Line?
ATP and Safe Links can:
- Protect users from harmful links recommended in emails
- Check Microsoft’s database for blacklisting and exclusion demands upon clicks
- Redirect users to safety
ATP and Safe Links do not, however:
- Provide a universal solution to phishing
- Protect against BaseStriker or base-tag HTML disguise attempts
- Reduce the overall demand for common practice phishing security recommendations