Protect against threats in Office 365

With Office 365 Enterprise, you can help protect your organization against a variety of threats, including spoofing, malware, spam, phishing attempts, and unauthorized access to data. Use the resources on this page to learn about threat protection and actions you can take.


If you're using a custom domain in Office 365, help stop sender fraud from your organization, improve email security, and protect your domain's reputation.

Anti-spam & anti-malware

Learn about Office 365 anti-spam scoring, connection filtering, and malware capture, including default settings and how to report malicious email.

Advanced Threat Protection

Configure policies to manage spoofing, protect against phishing attacks, and catch malicious URLs or files in email messages with Advanced Threat Protection (ATP).


Get a primer on encryption, set up rights management policies and email encryption, and configure additional encryption settings. Get details about the root certificate used by our mail servers for Office 365.

Managing devices & apps

Monitor and control how mobile devices access your Office 365 data, and ban or approve mobile apps in use at your organization.

Threat intelligence

Identify, monitor, and understand attacks, and quickly address threats by using the insights and knowledge available to prevent attacks.

Additional options

Get more information about related Microsoft technologies and processes that help secure Office 365 against threats.

Expand your Office skills
Explore training
Get new features first
Join Office Insiders

Was this information helpful?

Thank you for your feedback!

Thank you for your feedback! It sounds like it might be helpful to connect you to one of our Office support agents.