Threat management in the Office 365 Security & Compliance Center

Use Threat management features to help control and manage mobile device access to your organization's data, help protect your organization from data loss, and help protect inbound and outbound messages from malicious software and spam. You also use these features to protect your domain's reputation and to determine whether or not senders are maliciously spoofing accounts from your domain.

How to view and use Threat management in the Security & Compliance Center

In Office 365 use the Security & Compliance Center to manage device security, data loss prevention, and access other features such as mail filtering.

To go directly to the Security & Compliance Center:

  1. Go to https://protection.office.com.

  2. Sign in to Office 365 using your work or school account.

  3. In the left pane, select Threat management.

    Office 365 Security & Compliance Center Threat management menu

To go to the Security & Compliance Center using the Office 365 app launcher:

  1. Sign in to Office 365 using your work or school account.

  2. Select the app launcher App launcher button in the upper left corner, and then select the Security & Compliance tile.

  3. In the left pane, select Threat management.

About Threat management in Office 365

These options are available under Threat management in the Security & Compliance Center.

We’re still rolling out Threat management for the Security & Compliance Center, so you might not see all of these features yet. During the rollout, some of these, for example Anti-malware, Dkim, and others, will continue to be available through the Exchange Admin Center (EAC).

Tool

Description

Device management

Opens the Mobile Device Management (MDM) for Office 365 page where you can set up policies and rules to help you secure and manage your users' iPhones, iPads, Androids, and Windows phones. With MDM for Office 365, users enroll their devices and you create device security policies to help secure data and manage the devices. For example, you can remotely wipe a device and view detailed device reports. To learn about getting started, see Set up Mobile Device Management (MDM) in Office 365.

Device security policies

Helps you protect your organization’s information inOffice 365 from unauthorized access. You can apply policies to any mobile device in your organization where the user of the device has an applicable Office 365 license and has enrolled the device in Mobile Device Management (MDM) for Office 365. For more information, see Create and deploy device security policies.

Data loss prevention

Lets you create policies that help you identify, monitor, and automatically protect sensitive information across Office 365. For more information, see Overview of data loss prevention policies.

Mail filtering

Fine-tune and monitor settings that help prevent spam in Office 365. Create allow and block lists, determine who is spoofing your domain and why, and configure and view spam filter policies. For more information, see Office 365 email anti-spam protection.

You can also set up a policy to check that your users aren't sending spam. This can happen, for example, if a user's computer gets infected by malware that is programmed to send email messages. To learn how you can prevent outbound spam, see Configure the outbound spam policy.

Tip: If you are currently experiencing an issue with spam, you can use the Spam and malware troubleshooter.

Anti-malware

Protects against viruses and spyware traveling to or from your organization in Office 365. Viruses are malicious software programs that, when executed, replicate themselves and modify other programs and data on the computer. Viruses spread throughout your computer looking for programs to infect and are also shared from one computer to another, often through email. Spyware gathers your personal information, such as sign-in information, and sends it back to its author. To get started configuring anti-malware policies, see Configure anti-malware policies.

Tip: If you are currently experiencing an issue with malware, you can use the Spam and malware troubleshooter.

Dkim

Intended for more advanced Office 365 administrators, but available to all Office 365 customers, DomainKeys Identified Mail (DKIM) helps ensure that other email systems trust messages that you send from Office 365. DKIM does this by adding a unique digital signature to email messages that you send from your organization. Email systems that receive email from you can use this digital signature to help determine if the email is legitimate.

Don't worry if the details of how this works seem complicated, because the default that is set up for you in Office 365 should work for most organizations. If you do not set up DKIM yourself, Office 365 uses its default policy and keys that it creates in order to enable DKIM for your domain. Also, if you disable DKIM signing, after a period of time, Office 365 automatically enables the Office 365 default policy for your domain.

If you want, you can view this page in the Security & Compliance Center and see whether or not DKIM signatures are currently enabled for your domain and you can view the last time the encryption keys used by Office 365 were rotated. You can also manually rotate the keys yourself.

Important: DKIM is only one email authentication technique used by Office 365. To be most effective, DKIM is used along with other supported techniques such as Sender Policy Framework (SPF) and Domain-based Message Authentication, Reporting, and Conformance (DMARC). Together, these domain-based authentication technologies help prevent spam and unwanted spoofing.

Before making changes to DKIM using the Security & Compliance Center, become comfortable with the technology and how it works. To get started, see Beyond the basics: More ways to prevent spam in Office 365.

Safe attachments

Safe attachments is part of Advanced Threat Protection (ATP). When enabled, email attachments are opened in a special, isolated environment that is separate from Office 365 before they are sent to recipient inboxes.

Safe attachments is designed to help detect malicious attachments even before anti-virus signatures are available. Learn how to turn on safe attachments for your users at Set up a safe attachments policy in ATP.

Safe links

Safe links is part of Advanced Threat Protection (ATP). Safe links helps prevent users from following links in email that link to web sites recognized as malicious. Learn how to turn on safe links for your users at Set up a safe links policy in ATP.

Share Facebook Facebook Twitter Twitter Email Email

Was this information helpful?

Great! Any other feedback?

How can we improve it?

Thank you for your feedback!

×