Safe documents – Office 365 ATP [General Availability]
Safe Documents is a new feature that improves the existing Protected View experience. The feature automatically verifies the document against the latest known risks and threats before allowing users to leave the Protected View container.
- Microsoft 365 E5
- This feature is off by default and needs to be enabled by a Security Administrator
- Go to Threat Management > Policy > ATP Safe Attachments
- Check ‘Turn on Safe Documents for Office clients’
- You can check the another option to allow users to bypass protections if a file is malicious.
Untrusted files that open in Protected View go through an additional flow where the document is uploaded and scanned by Microsoft Defender ATP.
While a scan is in progress, Safe Documents will prevent users from exiting the Protected View container. Users are still able to access and read the document during this process but will be unable to make any edits until the scan has completed.
Once the file has been successfully scanned, users will be able to leave the Protected View container with confidence that their file is safe.
In case of a malicious file, users will be blocked from leaving the Protected View container. Admins can configure whether users can bypass and ‘Enable Editing’ for malicious scenarios in the Admin portal.
Learn more about the user experience in this article.