MS.DEFENDER.3.1v1 - Safe attachments SHOULD be enabled for SharePoint, OneDrive, and Microsoft Teams.

Information

Clicking malicious links makes users vulnerable to attacks, and this danger is not limited to links in emails. Other Microsoft products, such as Microsoft Teams, can be used to present users with malicious links. As such, it is important to protect users on these other Microsoft products as well.

Solution

To enable Safe Attachments for SharePoint, OneDrive, and Microsoft Teams, follow the instructions listed at [Turn on Safe Attachments for SharePoint, OneDrive, and Microsoft Teams \| Microsoft Learn](https://learn.microsoft.com/en-us/microsoft-365/security/office-365-security/safe-attachments-for-spo-odfb-teams-configure?view=o365-worldwide).

1. Sign in to Microsoft 365 Defender.

2. Under Email & collaboration, select Policies & rules.

3. Select Threat policies.

4. Under Policies, select Safe Attachments.

5. Select Global settings.

6. Toggle the Turn on Defender for Office 365 for SharePoint, OneDrive, and Microsoft Teams slider to On.

See Also

https://github.com/cisagov/ScubaGear/tree/v1.5.0/

Item Details

Category: ACCESS CONTROL, SECURITY ASSESSMENT AND AUTHORIZATION, CONFIGURATION MANAGEMENT, IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION, SYSTEM AND INFORMATION INTEGRITY

References: 800-53|AC-4, 800-53|CA-7, 800-53|CM-2, 800-53|CM-6, 800-53|CM-7, 800-53|IA-9, 800-53|SC-7, 800-53|SC-20, 800-53|SC-44, 800-53|SI-2, 800-53|SI-3, 800-53|SI-4, 800-53|SI-7, 800-53|SI-8, 800-53|SI-10

Plugin: microsoft_azure

Control ID: 8b845d9cbeee043492d1de457366832615e309525a918a8293881c104ed943a4