IT Pro is supported by its audience. When you purchase through links on our site, we may earn an affiliate commission. Learn more

Safe Documents sandbox tool released for Microsoft 365

The extension to Protected View automatically uploads potentially dangerous documents to be scanned by Microsoft Defender ATP

Microsoft has rolled out its Safe Documents feature for all Microsoft 365 customers in a bid to boost enterprise security by verifying untrusted files when they’re opened by a user.

When enabled by an administrator, the feature will automatically scan documents for any threats after opening the file in Protected View. This is an additional step which involves uploading and scanning by Microsoft Defender ATP.

Safe Documents essentially brings the power of the firm’s enterprise security platform Intelligent Security Graph to the desktop, with access to a live dataset of billions of data points, combing to form massive security-centric datasets.

The feature has been rolled out to rectify the limitations of Protected View, which is currently in play for all Microsoft 365 users. When opening documents received from external sources, the company suggested, people often exit the Protected View sandbox without considering whether the document is safe.

It was initially previewed in February 2020, when it was touted as a means to automate a crucial phase in the security of opening documents, which may often be overlooked if this decision is in the hands of the individual user.

“While a scan is in progress, Safe Documents will prevent users from exiting the Protected View container,” Microsoft’s security employee Kenny Shi said. “Users are still able to access and read the document during this process but will be unable to make any edits until the scan has completed.”

“Once the file has been successfully scanned, users will be able to leave the Protected View container with confidence that their file is safe.”

If the file being scanned is identified as being malicious, users will be prevented from leaving Protected View entirely, with administrators able to decide whether users can bypass and ‘enable editing’ for malicious files using the Admin portal.

In addition to the added security features, IT admins will be given access to an Advanced Hunting feature to get additional analytical information on users.

Safe Documents is turned off by default, with security administrators able to activate the feature by navigating to the Security and Compliance centre within Microsoft 365. Organisations will need a Microsoft 365 E5 Security license in order to use the feature.

Featured Resources

The Total Economic Impact™ Of Turbonomic Application Resource Management for IBM Cloud® Paks

Business benefits and cost savings enabled by IBM Turbonomic Application Resource Management

Free Download

The Total Economic Impact™ of IBM Watson Assistant

Cost savings and business benefits enabled by Watson Assistant

Free Download

The field guide to application modernisation

Moving forward with your enterprise application portfolio

Free Download

AI for customer service

Discover the industry-leading AI platform that customers and employees want to use

Free Download

Most Popular

Why convenience is the biggest threat to your security
Sponsored

Why convenience is the biggest threat to your security

8 Aug 2022
How to boot Windows 11 in Safe Mode
Microsoft Windows

How to boot Windows 11 in Safe Mode

29 Jul 2022
UK water supplier confirms hack by Cl0p ransomware gang
ransomware

UK water supplier confirms hack by Cl0p ransomware gang

16 Aug 2022