Microsoft has made an important change to Office 365 you should be aware of.
The company recently introduced a new feature called Application Guard, which is now available to all Office 365 users with supported licenses.
The Application Guard blocks files that have been downloaded from untrusted sources by shunting them to sandboxes.
These isolated, secure containers allow Office 365 users to read, edit and print those files without having to open them outside the container. That means you don’t put your network at risk by manipulating files from untrusted sources.
Microsoft initially previewed the new feature on a limited basis back in November, 2019 and since then, the company has been continuing to refine it. It’s now ready for prime time, and available to all Microsoft 365 users with E5 or E5 security licenses.
Admins should be aware, however, that the new feature is toggled off by default. If it’s something you want to make use of, you’ll need to enable it for each of the applications you intend to use it for. It’s also worth mentioning that the new feature only works on endpoints running at least Windows 10 Enterprise version 2004 (20H1) that also have the cumulative monthly security update KB4571756 installed. So there may be some prep work needed before you’re ready to roll out the new feature on your company’s network.
Finally, be aware that the new Application Guard feature is integrated into both Microsoft Defender for Office 365 and Microsoft Defender for Endpoint. So once the system is up and running, you’ll be able to easily monitor and receive alerts from secure containers in the event that Microsoft Defender detects one or more problematic files within them.
Overall, this is an excellent enhancement that will make your network safer and more secure. Kudos to Microsoft for an excellent job here. Try it out at your next convenience.