Challenge #6
Implement Malware Alerting System
Strengthen your internal security with a malware alerting system in Microsoft 365. Be instantly informed when internal users send malware-infected files.
Why?
Cybersecurity isn’t just about warding off external threats; it’s equally crucial to keep an eye on what happens inside your digital domain. Despite having a robust external defense with Exchange Online Protection (EOP), internal threats, often accidental, can pose a significant risk. Imagine a situation where an employee unknowingly sends a malware-infected file. Without immediate detection, this can escalate into a substantial security breach.
This is where an internal malware alerting system becomes invaluable. It acts like a vigilant sentinel, immediately informing your IT security team if such an incident occurs. This rapid response system isn’t just about reacting to threats; it’s a proactive tool for swift action and thorough investigation. It ensures that a minor incident doesn’t snowball into a major crisis. By implementing this, you involve everyone in your organization in the collective effort of maintaining cybersecurity, reinforcing the idea that security is a shared responsibility.
How?
Activating a malware alerting system in Microsoft 365 is a straightforward process. Here’s how you can set it up to keep your internal communications secure:
Step 1: Go to the Microsoft 365 Defender Portal
On your computer, launch a new browser window (Edge, Chrome), and type in https://security.microsoft.com/ and press enter.
Note: You will require Microsoft 365 administrative credentials – be sure to have the username and password ready.
Step 2: Adjust Email & Collaboration Policies
Within the Microsoft Defender Center:
- Look for and select Email & Collaboration along the left-hand side menu
- Under Email & Collaboration, look for and select Policies & rules
- In the Policies & rules window, select Threat policies
Step 3: Edit Anti-malware Settings
- Within the Threat policies window, under Policies, find and select Anti-malware
- Within the Anti-malware window, select the Default (Default) policy
Step 4: Configure Notifications
- Now with the Default policy open, scroll down and select Edit protection settings
- Under Notifications and Admin notifications, check the box to Notify an admin about undelivered messages from internal senders
- Now specific an admin email address to receive the notifications and alerts
- If you’d like, you could also enable customized notification text but, for now, you’ll be fine with just the default notifications
Step 5: Save Your Settings
- Once you are satisfied, click Save.
While you’re here…
SMB Leaders Step Forward: Make Technology a Lever, Not a Liability
Smart SMBs know IT isn’t just about keeping the lights on – it’s about leading with intent. Discover how to guide technology decisions strategically and turn IT into a true driver of growth, efficiency, and confidence for your business.
Do You Need In-House IT or an MSP?
Still asking “who’s fixing the Wi-Fi?” every Monday morning? You’re not alone. This guide breaks down when to stick with DIY IT, hire in-house, or call in an MSP—based on your company’s size and growth.
The 3 Hidden Costs of a “Good Enough” MSP
Most leaders rate their IT provider a 7 out of 10—safe, but not stellar. The problem? A “good enough” MSP hides costs that quietly erode your business: downtime employees don’t bother reporting, compliance gaps attackers exploit, and unpredictable invoices that wreck your budget. Here’s what those hidden costs look like—and how a proactive MSP can flip IT from a liability into a growth driver.