Office 365 ATP Recommended Configuration Analyzer – Best Practices!
Office 365 Advanced Threat Protection is growing and evolving over time. Writing documentation takes time – automation doesn’t. Automatically export your O365 ATP settings in one HTML file to see the scores and recommendations.
Solution: ORCA! Orca is a report that you can run in your environment which can highlight known configuration issues and improvements which can impact your experience with Office 365 Advanced Threat Protection (ATP).
Start from Exchange Online Powershell
Start up your Exchange Online Powershell Module from:
- Echange Control Panel: Https://outlook.office.com/ECP
- Click on Online Powershell Module or directly connect to: http://aka.ms/exopsmodule
Installation of ORCA
- Install-Module ORCA
Run ORCA
- Get-ORCAReport
Results
The results are logged in a log in your userprofile. And will be populated in a really great HTML overview.
High-level overview of the Office 365 ATP ORCA Report
Recommendation example
What’s in scope?
- Configuration in EOP which can impact ATP
- Safe Links configuration
- Safe Attachments configuration
- Antiphish and antispoof policies.
Coming Soon!
- At MS Ignite session’s Microsoft announced a new best-practice portal in Office 365’s admin console. This session can be found here: 79719(BRK2104)
Bring it all together
- Export and compare multiple customer-scenario’s. This will help you determine the differences.
- Modern Security mechanisms as Office 365 ATP are continues improving and need continues attention and recurrent validations. (each month!)
- In 2018, the percentage of inbound emails that were Phishing messages grew 250%. That trend has continued to grow with increased level of targeting and sophistication! Still super important!
- Focus on user education and training. In addition to advanced security tools for detection, investigation and response still 40% is user-related.
- More and more control an reporting will come to the Office 365 portal!
- AND NOW since you have the report in a easy way. ACT and enable best-practices!