MC296611 – (Updated) Microsoft Defender for Office 365: Introducing Built-In-Protection (archived)

cloudscout.one Icon

check before: 2021-11-19

Product:

Defender, Defender for Office 365, Microsoft 365 Defender, Microsoft Defender for Office 365

Platform:

US Instances, Web, World tenant

Status:

Launched

Change type:

Admin impact, New feature, Updated message

Links:

72208

Details:

Updated August 30, 2022: We have updated the rollout timeline below. Thank you for your patience.
Note: this has begun being enforced for organizations where it is already available.
We are introducing a powerful new default security preset called Built-in-Protection in Defender for Office 365. Built-in-Protection is a third preset security policy (like the Standard and Strict preset policies), and is enabled by default for all new and existing customers. It will implement a version of Safe Links and Safe Attachments resulting in low impact on the end-user. It's low impact as the end user experience will not be changed - URL links will not be wrapped. However, it will implement delivery time file and URL detonation as well as time of click protection.
[Key points:]
Microsoft 365 Roadmap ID 72208.
Timing: We will begin rolling out in mid-December and complete by early October (previously late August).
Beginning in early November, you will be able to view the Built-in-Protection preset in the Defender for Office 365 portal and configure any exceptions required ahead of the policy enablement rollout that begins in mid-December.
Action: Review and assess impact to users in your organization.
Note: Configured exceptions will be honored for the Safe Links and Safe Attachment settings within Built-In-Protection when it is eventually enabled for your tenant. Configured exceptions do not apply to the global Safe Links and Safe Attachment settings within Built-in-Protection. To changes these settings after Built-in-Protection is enabled, admins can modify the global Safe Attachments or global Safe Links policies directly at any time. To learn about the specific settings set by Built-in-Protection, please see: Microsoft recommendations for EOP and Defender for Office 365 security settings - Office 365 | Microsoft Docs

Change Category:
XXXXXXX ...

Scope:
XXXXXXX ...

Release Phase:
General Availability

Created:
2021-11-06

updated:
2022-08-31

the free basic plan is required to see all details. Sign up here

A cloudsocut.one plan is required to see all the changed details. If you are already a customer, choose login.
If you are new to cloudscout.one please choose a plan.

Login
Get a Plan

changes*

DatePropertyoldnew
2022-09-15MC prepareNo security admin action is required. You will want to review the impact to users who are not already protected under a standard or strict preset or under an explicit Safe Links and Safe Attachment custom policy.
We will release the option to configure exceptions in the Microsoft 365 Defender portal in early November ahead of enabling the Built-In-Protection policy.
Although we do not recommend it, we recognize the need for some organizations to exclude certain users or groups from Built-In-Protection and admins will have the opportunity to configure these exceptions ahead of December rollout.
This is rolling out default on.
Learn more:
MDO blog announcing Built-In-Protection
Learn how to configure Built-in-Protection
See the specific settings set in Built-In-Protection
ps://docs.microsoft.com/microsoft-365/security/office-365-security/preset-security-policies?view=o365-world
ps://docs.microsoft.com/microsoft-365/security/office-365-security/recommended-settings-for-eop-and-office365?view=o365-world
ps://docs.microsoft.com/microsoft-365/security/office-365-security/recommended-settings-for-eop-and-office365?view=o365-worldwide#safe-attachments-setti
ps://www.microsoft.com/microsoft-365/roadmap?filters=&searchterms=72208		No security admin action is required. You will want to review the impact to users who are not already protected under a standard or strict preset or under an explicit Safe Links and Safe Attachment custom policy.
We will release the option to configure exceptions in the Microsoft 365 Defender portal in early November ahead of enabling the Built-In-Protection policy.
Although we do not recommend it, we recognize the need for some organizations to exclude certain users or groups from Built-In-Protection and admins will have the opportunity to configure these exceptions ahead of December rollout.
This is rolling out default on.
Learn more:
MDO blog announcing Built-In-Protection
Learn how to configure Built-in-Protection
See the specific settings set in Built-In-Protection
https://docs.microsoft.com/microsoft-365/security/office-365-security/preset-security-policies?view=o365-worldwide
https://docs.microsoft.com/microsoft-365/security/office-365-security/recommended-settings-for-eop-and-office365?view=o365-worldwide
https://docs.microsoft.com/microsoft-365/security/office-365-security/recommended-settings-for-eop-and-office365?view=o365-worldwide#safe-attachments-settings
https://www.microsoft.com/microsoft-365/roadmap?filters=&searchterms=72208
2022-08-31MC Last Updated07/28/2022 19:17:152022-08-30T23:03:12Z
2022-08-31MC MessagesUpdated July 28, 2022: We have updated the rollout timeline below. Thank you for your patience.
Note: this has begun being enforced for organizations where it is already available.
We are introducing a powerful new default security preset called Built-in-Protection in Defender for Office 365. Built-in-Protection is a third preset security policy (like the Standard and Strict preset policies), and is enabled by default for all new and existing customers. It will implement a version of Safe Links and Safe Attachments resulting in low impact on the end-user. It's low impact as the end user experience will not be changed - URL links will not be wrapped. However, it will implement delivery time file and URL detonation as well as time of click protection.
[Key points:]
Microsoft 365 Roadmap ID 72208.
Timing: We will begin rolling out in mid-December and complete by late August (previously late July).
Beginning in early November, you will be able to view the Built-in-Protection preset in the Defender for Office 365 portal and configure any exceptions required ahead of the policy enablement rollout that begins in mid-December.
Action: Review and assess impact to users in your organization.
Note: Configured exceptions will be honored for the Safe Links and Safe Attachment settings within Built-In-Protection when it is eventually enabled for your tenant. Configured exceptions do not apply to the global Safe Links and Safe Attachment settings within Built-in-Protection. To changes these settings after Built-in-Protection is enabled, admins can modify the global Safe Attachments or global Safe Links policies directly at any time. To learn about the specific settings set by Built-in-Protection, please see: Microsoft recommendations for EOP and Defender for Office 365 security settings - Office 365 | Microsoft Docs		Updated August 30, 2022: We have updated the rollout timeline below. Thank you for your patience.
Note: this has begun being enforced for organizations where it is already available.
We are introducing a powerful new default security preset called Built-in-Protection in Defender for Office 365. Built-in-Protection is a third preset security policy (like the Standard and Strict preset policies), and is enabled by default for all new and existing customers. It will implement a version of Safe Links and Safe Attachments resulting in low impact on the end-user. It's low impact as the end user experience will not be changed - URL links will not be wrapped. However, it will implement delivery time file and URL detonation as well as time of click protection.
[Key points:]
Microsoft 365 Roadmap ID 72208.
Timing: We will begin rolling out in mid-December and complete by early October (previously late August).
Beginning in early November, you will be able to view the Built-in-Protection preset in the Defender for Office 365 portal and configure any exceptions required ahead of the policy enablement rollout that begins in mid-December.
Action: Review and assess impact to users in your organization.
Note: Configured exceptions will be honored for the Safe Links and Safe Attachment settings within Built-In-Protection when it is eventually enabled for your tenant. Configured exceptions do not apply to the global Safe Links and Safe Attachment settings within Built-in-Protection. To changes these settings after Built-in-Protection is enabled, admins can modify the global Safe Attachments or global Safe Links policies directly at any time. To learn about the specific settings set by Built-in-Protection, please see: Microsoft recommendations for EOP and Defender for Office 365 security settings - Office 365 | Microsoft Docs
2022-08-31MC End Time09/30/2022 09:00:002022-11-04T08:00:00Z
2022-08-27MC prepareNo security admin action is required. You will want to review the impact to users who are not already protected under a standard or strict preset or under an explicit Safe Links and Safe Attachment custom policy.
We will release the option to configure exceptions in the Microsoft 365 Defender portal in early November ahead of enabling the Built-In-Protection policy.
Although we do not recommend it, we recognize the need for some organizations to exclude certain users or groups from Built-In-Protection and admins will have the opportunity to configure these exceptions ahead of December rollout.
This is rolling out default on.
Learn more:
MDO blog announcing Built-In-Protection
Learn how to configure Built-in-Protection
See the specific settings set in Built-In-Protection
https://docs.microsoft.com/microsoft-365/security/office-365-security/preset-security-policies?view=o365-worldwide
https://docs.microsoft.com/microsoft-365/security/office-365-security/recommended-settings-for-eop-and-office365?view=o365-worldwide
https://docs.microsoft.com/microsoft-365/security/office-365-security/recommended-settings-for-eop-and-office365?view=o365-worldwide#safe-attachments-settings
https://www.microsoft.com/microsoft-365/roadmap?filters=&searchterms=72208		No security admin action is required. You will want to review the impact to users who are not already protected under a standard or strict preset or under an explicit Safe Links and Safe Attachment custom policy.
We will release the option to configure exceptions in the Microsoft 365 Defender portal in early November ahead of enabling the Built-In-Protection policy.
Although we do not recommend it, we recognize the need for some organizations to exclude certain users or groups from Built-In-Protection and admins will have the opportunity to configure these exceptions ahead of December rollout.
This is rolling out default on.
Learn more:
MDO blog announcing Built-In-Protection
Learn how to configure Built-in-Protection
See the specific settings set in Built-In-Protection
ps://docs.microsoft.com/microsoft-365/security/office-365-security/preset-security-policies?view=o365-world
ps://docs.microsoft.com/microsoft-365/security/office-365-security/recommended-settings-for-eop-and-office365?view=o365-world
ps://docs.microsoft.com/microsoft-365/security/office-365-security/recommended-settings-for-eop-and-office365?view=o365-worldwide#safe-attachments-setti
ps://www.microsoft.com/microsoft-365/roadmap?filters=&searchterms=72208
2022-07-29MC Last Updated06/30/2022 20:10:372022-07-28T19:17:15Z
2022-07-29MC MessagesUpdated June 30, 2022: We have updated the rollout timeline below. Thank you for your patience.
Note: this has begun being enforced for organizations where it is already available.
We are introducing a powerful new default security preset called Built-in-Protection in Defender for Office 365. Built-in-Protection is a third preset security policy (like the Standard and Strict preset policies), and is enabled by default for all new and existing customers. It will implement a version of Safe Links and Safe Attachments resulting in low impact on the end-user. It's low impact as the end user experience will not be changed - URL links will not be wrapped. However, it will implement delivery time file and URL detonation as well as time of click protection.
[Key points:]
Microsoft 365 Roadmap ID 72208.
Timing: We will begin rolling out in mid-December and complete by late July (previously mid-June).
Beginning in early November, you will be able to view the Built-in-Protection preset in the Defender for Office 365 portal and configure any exceptions required ahead of the policy enablement rollout that begins in mid-December.
Action: Review and assess impact to users in your organization.
Note: Configured exceptions will be honored for the Safe Links and Safe Attachment settings within Built-In-Protection when it is eventually enabled for your tenant. Configured exceptions do not apply to the global Safe Links and Safe Attachment settings within Built-in-Protection. To changes these settings after Built-in-Protection is enabled, admins can modify the global Safe Attachments or global Safe Links policies directly at any time. To learn about the specific settings set by Built-in-Protection, please see: Microsoft recommendations for EOP and Defender for Office 365 security settings - Office 365 | Microsoft Docs		Updated July 28, 2022: We have updated the rollout timeline below. Thank you for your patience.
Note: this has begun being enforced for organizations where it is already available.
We are introducing a powerful new default security preset called Built-in-Protection in Defender for Office 365. Built-in-Protection is a third preset security policy (like the Standard and Strict preset policies), and is enabled by default for all new and existing customers. It will implement a version of Safe Links and Safe Attachments resulting in low impact on the end-user. It's low impact as the end user experience will not be changed - URL links will not be wrapped. However, it will implement delivery time file and URL detonation as well as time of click protection.
[Key points:]
Microsoft 365 Roadmap ID 72208.
Timing: We will begin rolling out in mid-December and complete by late August (previously late July).
Beginning in early November, you will be able to view the Built-in-Protection preset in the Defender for Office 365 portal and configure any exceptions required ahead of the policy enablement rollout that begins in mid-December.
Action: Review and assess impact to users in your organization.
Note: Configured exceptions will be honored for the Safe Links and Safe Attachment settings within Built-In-Protection when it is eventually enabled for your tenant. Configured exceptions do not apply to the global Safe Links and Safe Attachment settings within Built-in-Protection. To changes these settings after Built-in-Protection is enabled, admins can modify the global Safe Attachments or global Safe Links policies directly at any time. To learn about the specific settings set by Built-in-Protection, please see: Microsoft recommendations for EOP and Defender for Office 365 security settings - Office 365 | Microsoft Docs
2022-07-29MC End Time08/31/2022 09:00:002022-09-30T09:00:00Z
2022-07-01MC Last Updated05/05/2022 21:44:212022-06-30T20:10:37Z
2022-07-01MC MessagesUpdated May 04, 2022: We have updated the rollout timeline below. Thank you for your patience.
Note: this has begun being enforced for organizations where it is already available.
We are introducing a powerful new default security preset called Built-in-Protection in Defender for Office 365. Built-in-Protection is a third preset security policy (like the Standard and Strict preset policies), and is enabled by default for all new and existing customers. It will implement a version of Safe Links and Safe Attachments resulting in low impact on the end-user. It's low impact as the end user experience will not be changed - URL links will not be wrapped. However, it will implement delivery time file and URL detonation as well as time of click protection.
[Key points:]
Microsoft 365 Roadmap ID 72208.
Timing: We will begin rolling out in mid-December and complete by mid-June (previously late April).
Beginning in early November, you will be able to view the Built-in-Protection preset in the Defender for Office 365 portal and configure any exceptions required ahead of the policy enablement rollout that begins in mid-December.
Action: Review and assess impact to users in your organization.
Note: Configured exceptions will be honored for the Safe Links and Safe Attachment settings within Built-In-Protection when it is eventually enabled for your tenant. Configured exceptions do not apply to the global Safe Links and Safe Attachment settings within Built-in-Protection. To changes these settings after Built-in-Protection is enabled, admins can modify the global Safe Attachments or global Safe Links policies directly at any time. To learn about the specific settings set by Built-in-Protection, please see: Microsoft recommendations for EOP and Defender for Office 365 security settings - Office 365 | Microsoft Docs		Updated June 30, 2022: We have updated the rollout timeline below. Thank you for your patience.
Note: this has begun being enforced for organizations where it is already available.
We are introducing a powerful new default security preset called Built-in-Protection in Defender for Office 365. Built-in-Protection is a third preset security policy (like the Standard and Strict preset policies), and is enabled by default for all new and existing customers. It will implement a version of Safe Links and Safe Attachments resulting in low impact on the end-user. It's low impact as the end user experience will not be changed - URL links will not be wrapped. However, it will implement delivery time file and URL detonation as well as time of click protection.
[Key points:]
Microsoft 365 Roadmap ID 72208.
Timing: We will begin rolling out in mid-December and complete by late July (previously mid-June).
Beginning in early November, you will be able to view the Built-in-Protection preset in the Defender for Office 365 portal and configure any exceptions required ahead of the policy enablement rollout that begins in mid-December.
Action: Review and assess impact to users in your organization.
Note: Configured exceptions will be honored for the Safe Links and Safe Attachment settings within Built-In-Protection when it is eventually enabled for your tenant. Configured exceptions do not apply to the global Safe Links and Safe Attachment settings within Built-in-Protection. To changes these settings after Built-in-Protection is enabled, admins can modify the global Safe Attachments or global Safe Links policies directly at any time. To learn about the specific settings set by Built-in-Protection, please see: Microsoft recommendations for EOP and Defender for Office 365 security settings - Office 365 | Microsoft Docs
2022-07-01MC End Time07/22/2022 09:00:002022-08-31T09:00:00Z
2022-05-06MC Last Updated03/04/2022 21:58:372022-05-05T21:44:21Z
2022-05-06MC MessagesUpdated March 04, 2022: We have updated the rollout timeline below. Thank you for your patience.
Note: this has begun being enforced for organizations where it is already available.
We are introducing a powerful new default security preset called Built-in-Protection in Defender for Office 365. Built-in-Protection is a third preset security policy (like the Standard and Strict preset policies), and is enabled by default for all new and existing customers. It will implement a version of Safe Links and Safe Attachments resulting in low impact on the end-user. It's low impact as the end user experience will not be changed - URL links will not be wrapped. However, it will implement delivery time file and URL detonation as well as time of click protection.
[Key points:]
Microsoft 365 Roadmap ID 72208.
Timing: We will begin rolling out in mid-December and complete by late April (previously late February).
Beginning in early November, you will be able to view the Built-in-Protection preset in the Defender for Office 365 portal and configure any exceptions required ahead of the policy enablement rollout that begins in mid-December.
Action: Review and assess impact to users in your organization.
Note: Configured exceptions will be honored for the Safe Links and Safe Attachment settings within Built-In-Protection when it is eventually enabled for your tenant. Configured exceptions do not apply to the global Safe Links and Safe Attachment settings within Built-in-Protection. To changes these settings after Built-in-Protection is enabled, admins can modify the global Safe Attachments or global Safe Links policies directly at any time. To learn about the specific settings set by Built-in-Protection, please see: Microsoft recommendations for EOP and Defender for Office 365 security settings - Office 365 | Microsoft Docs		Updated May 04, 2022: We have updated the rollout timeline below. Thank you for your patience.
Note: this has begun being enforced for organizations where it is already available.
We are introducing a powerful new default security preset called Built-in-Protection in Defender for Office 365. Built-in-Protection is a third preset security policy (like the Standard and Strict preset policies), and is enabled by default for all new and existing customers. It will implement a version of Safe Links and Safe Attachments resulting in low impact on the end-user. It's low impact as the end user experience will not be changed - URL links will not be wrapped. However, it will implement delivery time file and URL detonation as well as time of click protection.
[Key points:]
Microsoft 365 Roadmap ID 72208.
Timing: We will begin rolling out in mid-December and complete by mid-June (previously late April).
Beginning in early November, you will be able to view the Built-in-Protection preset in the Defender for Office 365 portal and configure any exceptions required ahead of the policy enablement rollout that begins in mid-December.
Action: Review and assess impact to users in your organization.
Note: Configured exceptions will be honored for the Safe Links and Safe Attachment settings within Built-In-Protection when it is eventually enabled for your tenant. Configured exceptions do not apply to the global Safe Links and Safe Attachment settings within Built-in-Protection. To changes these settings after Built-in-Protection is enabled, admins can modify the global Safe Attachments or global Safe Links policies directly at any time. To learn about the specific settings set by Built-in-Protection, please see: Microsoft recommendations for EOP and Defender for Office 365 security settings - Office 365 | Microsoft Docs
2022-05-06MC End Time06/13/2022 09:00:002022-07-22T09:00:00Z

*starting April 2022

Last updated 3 months ago

Related Posts:

  • MC469568 - Introducing Threat Explorer V3 by Microsoft Defender for Office 365 (archived)
    MC469568 - Introducing Threat Explorer V3 by Microsoft…     22. November 2022 check before: 2022-12-06 Product: Defender, Defender for Office 365, Microsoft 365 Defender Platform: World tenant Status: Change type: Feature update, User impact, Admin impact Links: Details: We are happy to share that Microsoft Defender for…
  • 93436 - Microsoft Defender for Office 365: Enforce authentication to pass on AntiSpam allowed domains & senders for Spoof protection
    93436 - Microsoft Defender for Office 365: Enforce…     10. August 2022 *For this entry exists the more relevant or more recent entry MC415186 check before: 2022-09-01 Product: Defender, Defender for Office 365 Platform: US Instances, Web, World tenant Status: Launched Change type: Feature update, Admin impact…
  • MC466195 - Outlook for the web - End user Reporting integrated with Microsoft Defender for Office 365 (Exchange Online Protection)
    MC466195 - Outlook for the web - End user Reporting…     12. November 2022 check before: 2022-11-26 Product: Defender, Defender for Office 365, Exchange, Microsoft 365 Defender, Outlook Platform: Android, iOS, Mac, mobile, Online, US Instances, Web, Windows Desktop, World tenant Status: Launched Change type: Admin impact, Feature update,…
  • MC406649 - AAD Security Reader Role in Microsoft Defender for Cloud Apps - Alignment with Microsoft 365 Defender (archived)
    MC406649 - AAD Security Reader Role in Microsoft Defender…     29. July 2022 check before: 2022-08-28 Product: Azure Active Directory, Defender, Defender for Cloud Apps, Microsoft 365 Defender Platform: World tenant, Online Status: Change type: User impact, Admin impact Links: Details: Currently the AAD “Security Reader” role can…
  • MC420052 - Microsoft Purview Information Protection: Maintain protection when creating PDF files from Office apps (GA) (archived)
    MC420052 - Microsoft Purview Information Protection:…     27. August 2022 check before: 2022-09-09 Product: Information Protection, Microsoft 365 Apps, Microsoft 365 suite, Microsoft Information Protection, Purview Communication Compliance, Purview Information Protection, Purview Insider Risk Management Platform: Mac, US Instances, Web, Windows Desktop, World tenant Status:…
  • MC455512 - (Updated) Microsoft Defender for Office 365 to stop honoring ReportJunkEmailEnabled in OwaMailboxPolicy (archived)
    MC455512 - (Updated) Microsoft Defender for Office 365 to…     4. November 2022 check before: 2022-11-18 Product: Defender, Defender for Office 365, Exchange, Microsoft 365 Defender, Outlook Platform: Online, World tenant Status: Change type: Admin impact, Retirement, Updated message Links: Details: Updated November 8, 2022: We have updated…

5 Responses

  1. Pingback: 2022 CW 35 Microsoft 365 Message Center changes | cloudscout.one
  2. Pingback: 2022 CW 36 Microsoft 365 Message Center changes | cloudscout.one
  3. Pingback: 2022 CW 31 Microsoft 365 Message Center changes | cloudscout.one
  4. Pingback: 2021 CW 45 Microsoft 365 Message Center changes | cloudscout.one
  5. Pingback: 2022 CW 03 Microsoft 365 Message Center changes | cloudscout.one

Leave a Reply

Share to MS Teams

cloudscout.one

Consolidated Microsoft 365 Roadmap and Message Center analysis for Office 365 operations and change management.

Support

Schierding.one GmbH

Alleenstraße 16
78549 Spaichingen
Phone: +49 (0)7424 60899-09
E-Mail: info@schierding.one
Amtsgericht Stuttgart (HRB 767585)
USt-ID DE321821109

Legal:

Privacy Policy

Imprint

FAQ

Login to your account

Welcome Back, We Missed You!