Challenge #6
Implement Malware Alerting System
Strengthen your internal security with a malware alerting system in Microsoft 365. Be instantly informed when internal users send malware-infected files.
Why?
Cybersecurity isn’t just about warding off external threats; it’s equally crucial to keep an eye on what happens inside your digital domain. Despite having a robust external defense with Exchange Online Protection (EOP), internal threats, often accidental, can pose a significant risk. Imagine a situation where an employee unknowingly sends a malware-infected file. Without immediate detection, this can escalate into a substantial security breach.
This is where an internal malware alerting system becomes invaluable. It acts like a vigilant sentinel, immediately informing your IT security team if such an incident occurs. This rapid response system isn’t just about reacting to threats; it’s a proactive tool for swift action and thorough investigation. It ensures that a minor incident doesn’t snowball into a major crisis. By implementing this, you involve everyone in your organization in the collective effort of maintaining cybersecurity, reinforcing the idea that security is a shared responsibility.
How?
Activating a malware alerting system in Microsoft 365 is a straightforward process. Here’s how you can set it up to keep your internal communications secure:
Step 1: Go to the Microsoft 365 Defender Portal
On your computer, launch a new browser window (Edge, Chrome), and type in https://security.microsoft.com/ and press enter.
Note: You will require Microsoft 365 administrative credentials – be sure to have the username and password ready.
Step 2: Adjust Email & Collaboration Policies
Within the Microsoft Defender Center:
- Look for and select Email & Collaboration along the left-hand side menu
- Under Email & Collaboration, look for and select Policies & rules
- In the Policies & rules window, select Threat policies
Step 3: Edit Anti-malware Settings
- Within the Threat policies window, under Policies, find and select Anti-malware
- Within the Anti-malware window, select the Default (Default) policy
Step 4: Configure Notifications
- Now with the Default policy open, scroll down and select Edit protection settings
- Under Notifications and Admin notifications, check the box to Notify an admin about undelivered messages from internal senders
- Now specific an admin email address to receive the notifications and alerts
- If you’d like, you could also enable customized notification text but, for now, you’ll be fine with just the default notifications
Step 5: Save Your Settings
- Once you are satisfied, click Save.
While you’re here…
The 3 Hidden Costs of a “Good Enough” MSP
Most leaders rate their IT provider a 7 out of 10—safe, but not stellar. The problem? A “good enough” MSP hides costs that quietly erode your business: downtime employees don’t bother reporting, compliance gaps attackers exploit, and unpredictable invoices that wreck your budget. Here’s what those hidden costs look like—and how a proactive MSP can flip IT from a liability into a growth driver.
Technology Choices Shouldn’t Be a Gamble: How SMBs Can Make Smarter, Safer Decisions
Navigating the technology marketplace can feel like a gamble for small and mid-sized businesses. Without a deep IT background, leaders often make hurried, ill-informed decisions that lead to hidden costs, security risks, or the wrong solution entirely. This post shows you how to avoid common pitfalls, ask better questions, and make technology choices that truly fit your business goals.
Locked Out: Why Every Business Owner Should Have the Keys to Their Tech
Being locked out of your own IT is more than a technical problem, it’s a business risk. From domains to backups, here are the 5 “keys” every business owner must control to avoid dependency on their IT provider.