Identifying scam emails can often times be difficult for workers which is why Microsoft is planning to give organizations the ability to allow emails containing malicious URLs or attachments to reach the mailboxes of their employees in order to run training sessions or simulations.
When the new feature becomes available in Q3 of this year, Office 365 security administrators will able to choose items that contain threats and allow them to reach employees’ inboxes via a self-remediation portal. Any selected items will be able to bypass all layers of the Office 365 Exchange Online Protection (EOP) filtering stack which scans for and blocks spam emails.
Microsoft provided more details on its self-remediation portal in a post on its Microsoft 365 roadmap, saying:
“One of the ways Office 365 ATP protects customers is by blocking malicious attachments and URLs from reaching end users. We understand that from time to time, customers may want to ensure delivery of certain messages containing malicious content for specific reasons, such as phishing simulations and training. In order to provide a way for our customers to easily reconcile this at time of click and during mail flow, we’re developing a portal to help you self-remediate. This portal gives admins the opportunity to explicitly allow or block attachments and URLs in your Office 365 tenant.”
To help organizations not have their phishing simulations blocked, Microsoft’s new Tenant Allow/Block list portal will give admins the ability to allow or block certain attachments and URLs in Office 365.
Companies looking for another easy way to run simulations with their employees can also take advantage of the Attack Simulator tool in Office 365 ATP. The tool allows security admins to run a number of different attack simulations including spear phishing, password spray and brute force attacks.
Microsoft is aiming to roll out its Tenant Allow/Block list portal during the third quarter of this year and when it is released, it will be made generally available to all customers with an Office 365 Advanced Threat Protection plan.
Providing organizations with an easy way to run various simulations makes a lot of sense as it will help them improve their overall security posture while using the tools from Microsoft employees are already familiar with.