 Hi, this is Sean with Protected Trust again, and today I wanted to talk about a feature that is available in most Office 365 tenants that you can use to improve your email security posture without a whole lot of configuration. In the Microsoft 365 Defender Portal, which you would get to by going to security.microsoft.com as a global admin in your tenant. If you then go to email and collaboration and policies and rules and then threat policies, you'll see that you have a number of policies that are available in here to do things like anti-fishing, anti-spam, anti-malware, depending on the licensing that you have available in your tenant. If you have Microsoft Defender for Office 365, then you will also have these additional policies for safe attachments and safe links. But today the thing that I wanted to talk about are the preset security policies. Preset security policies are available to all Office 365 tenants that have either exchange online protection or any of the licenses that include Microsoft Defender for Office 365 such as Microsoft 365 E5 licenses, or you can also get Defender for Office 365 as a standalone license that you add on to other licenses. But even with exchange online protection, you have the preset security policies available. You just don't have all of the same features that are available. So to begin with, I'm just going to go in and look at the standard protection preset security policies. So in order to enable it, I have to select this option here for manage protection settings. And when I do that, it's going to take me through a wizard. It's very, very simple to set up. And by doing this, any organization that has a exchange online protection or those additional licenses that I was talking about, you can go in and set up custom policies. I'm going to back back out to that for a second. And so if we went into threat policies and anti-fishing, anti-spam, like if we went into our anti-spam policies and went and looked at our anti-spam inbound policy, there are policies that you can go in here and configure. But the settings here, there's a lot of settings to configure, and a lot of people just don't want to deal with going in and setting up all these settings. That's where the preset security policies are really useful. So you can just go in and create, basically enable the standard protection policy for everyone in your organization. And it gives everyone a fairly decent baseline of protection against spam and fishing. And just basically bad content coming into your tenant over email. So here I'm going to go again to manage protection settings. And I'm going to just kind of like walk through the wizard real quick. It's pretty simple. In this case, we're going to apply protection to all recipients. And if I wanted to, I could exclude some users. But in this case, I'm not. I'm just going to apply it to everybody. Since the tenant that I'm in right now has Defender for Office 365, there are some additional features that are available here. Realistically, here at Protected Trust, we would recommend if you have Defender for Office 365, if you're paying for those additional licensing, then you should probably go in and enable the custom security policies and go in and set those things up. The convenience here is that you don't necessarily have to do that. So, but since this tenant does have Defender for Office 365, I will have a few additional settings that are available. So in this case, I want to apply that protection to the previously selected recipients. So again, since in the previous step, we selected everyone in the organization, this is going to apply protection to everyone as well. The next steps, it's going to ask me about impersonation protection. So add email addresses to flag when impersonated by attackers. So this setting, what it does is if we have anyone in our organization, so we receive an email from the outside world and it's impersonating a specific user in our organization, then we want to handle that email differently than we would an email that comes in as anyone else. For example, in this case, our president of this company, Patty Fernandez, we're going to make her have this setting here. So I think it's Patty. So we're going to add Patty Fernandez because she is the president of this company. You know, people might email others within the organization, spoofing her email and or pretending to be her by creating a Gmail account that has Patty Fernandez as the display name, for example. This setting helps protect against that kind of situation. And anyone in our organization who is targeted in that fashion, so we maybe regularly receive emails where that user is being impersonated, then this setting is where we would help prevent and control that kind of attack in our organization. Again, this is additional configuration that we only have in this organization because this organization has that additional licensing for Microsoft Defender for Office 365. But still, it's good stuff, good stuff to set up. So protected custom domains, you can add additional domains. So, you know, we could have our own domain. In this case, it was just contoso.com. But maybe we also have a partner like maybe protected. You know, maybe we want to make sure that emails that come from protected trust aren't impersonated, for example. So we could have basically, you know, partners here, people that we regularly do business with and most importantly, their email is set up correctly. So whenever they send email, they have things set up like SPF and DMARC and DKIM signing and all of those things. So if we're 100% positive that this partner has their email set up correctly, then it would be a good idea to add them to this list. But I wouldn't recommend that you go overboard with this and it's something where you can only add 50 domains to this list. So you kind of have to, you know, be picky and choosy when you're adding them to it. So the next setting would be trusted senders. So if you have an organization that you intentionally use to impersonate your users and you've run into problems receiving emails from that organization, maybe you have like a constant contact address or maybe there's a, actually a really good example is like a Gmail account. So like Patty Fernandez, for example, if she wants to be able to email herself from her own, you know, personal email account, then, you know, maybe we need to add that sender. So, you know, Patty, the, you know, Priz at, you know, maybe that's her email address. So what that would allow, by adding that as a trusted email address, so she wouldn't have difficulty emailing herself from that personal email account. It would still make it into the tenant. So anyway, that's how you would enable trusted email addresses. And all of those settings, after that Defender for Office 365 protection setting there, all of those settings are the ones that are only available if you have that additional licensing. Otherwise you would pop right to the next setting, which is the policy mode. Turn it on, leave it turned off. So in this case, I'm gonna go ahead and turn it on. So this is, gives us a little screen where we can review and confirm any of those changes that we've made when we confirm that it's gonna enable that policy in our tenant. So we'll see in the tenant, now standard protection is on. There's an option here where we could turn it on or off if we wanted to. Also, if we go into, just back into emailing collaboration and policies and rules and threat policies again, and then any of these policies, so we go and look in anti-fishing, for example, we will now have the standard preset security policy as a policy that's available in this list. So, okay. Now say if we have a user in our organization who is maybe more problematic, maybe they get a lot of spam, maybe they're more likely to fall for phishing attempts. Maybe just we just wanna protect them a little more than our other users. So if we go back into our preset security policies, you'll see that there is also an option for a strict protection preset security policy. So again, if we go to manage protection settings, in this case, I wouldn't recommend that you use the strict protection policy against all of the users in your organization. In my opinion, it tends to be too strict for general business, but it's something that you could certainly enable for specific users in your organization if they are more prone to being problematic than other users. So in this case, we're gonna pick on Adele, and we're just gonna add her to the list again, because this tenant has the Office 365 licenses. We're going to have some additional settings here. Again, I'm gonna use previously selected recipients, so it only applies to the users that we selected in the previous step. Again, that was just this one user Adele. Gonna say next. It's gonna walk us through the next settings, impersonation protection. Again, I would recommend that we set things up here, the same as we did in the other ones. So we're gonna protect for emails that look like they come from Patty Fernandez. We might wanna add our own domain to this list, or any important partner domains. If we have trusted senders, in this case, Patty's probably not gonna email Adele, so I'm not gonna bother adding her to this policy. But if we had any trusted senders, we could add them to this list as well. Again, I'm just gonna turn the policy on and confirm, and that's it. That's all it really takes to set up what is a decent baseline of email security for your organization. It's just a few clicks, and there you go. You're all set up. It's certainly easier than going in and enabling a custom anti-spam policy, though we do recommend doing so if you do have the licensing to do so. And that's pretty much it. So very simple, very easy way for you to improve your email security. Have a great day.