Upcoming changes to Office 365 ATP and Automatic Forwarding
Information protection is as crucial as ever. With all the power that the Cloud brings you and your end-users, new ...
Information protection is as crucial as ever. With all the power that the Cloud brings you and your end-users, new security challenges arise. To meet the needs of information protection within your organization, Microsoft offers a range of features that cover the needs in this area, within Microsoft 365.
Attackers have been using a well-known tactic to get hold of corporate data, where they utilize automated external email forwarding on users' accounts that have been compromised.
In working with preventing data being extracted from compromised accounts, Microsoft is now launching a feature update to Office 365 ATP that will disable the possibility for external email forwarding as a tenant wide setting within Office 365. The feature is currently being planned for implementation from September 1, and it's recommended to act before August 28.
To read more about this push, see Roadmap ID 638312
How will this affect you?
At the end of this month, changes will be pushed to Office 365. The changes will disable the possibility of end-users setting up external forwarding from their mailboxes. Meaning automatic forwarding outside of your organization will be blocked, and a non-delivery report (NDR) will be sent to the user.
The change only affects forwarding outside of your organization; internal automatic forwarding will continue to work as-is.
What can you do to prepare?
Microsoft is rather clear on what you should do as an organization to get ahead of this.
- Within the Security and Compliance center, use the 'Auto-forward messages report' to identify which users forward messages outside of your organization. (Look for SMTP forwarding or Inbox rules, Exchange transport rules are unaffected)
- Configure your outbound spam policies to allow external forwarding for either your entire organization or specific users. *
*We don't recommend to enable this for your entire organization, enable only this for system- and/or service-accounts
Do you need any guidance or help?
All of our Best Place to Work Customers will be contacted for a follow up on this topic. If you are not a Best Place to Work customer: Don't worry; we are here for you.
Please contact us if you feel the need for help looking into this, or just want to have a chat about life and the awesome possibilities that are out there in the Cloud.
