Last updated on Apr 4, 2019
Creating an Office 365 Safe Links Policy.
Safe Links is part of Office 365 ATP (Advanced Thread Protection. Safe links can help an organization by providing a feature called time-of-click verification of web addresses (urls). So what does this mean? Safe link will scan urls in email messages as well as Office documents for any malicious content.
To get started with configuring ATP Safe Links, follow the below.
Navigate to the Microsoft 365 Security & Compliance center and sign in using your admin account credentials.
In the Security & Compliance Center, click Threat management > Policy.
Click ATP Safe Links.
From the Safe Link Policies that apply to specific recipients menu, click New (+)
Provide and name and description for the new policy.
Select the action for unknown potentially malicious URLs in message, select On “Urls will be rewritten and checked against a list of known malicious links when user clicks on the link.”
In the next steps, we need to apply the actions for when a links needs to be scanned when its sent from outside or inside the organization.
Select Use Safe Attachments to scan downloadable content to enable URL detonation to scan files hosted on web sites.
For example, if an email contains a link such as http://thatlazyadmin.com/maliciousfile.pdf, the .pdf file is opened in a separate hypervisor environment and, if the file is found to be malicious, users will see a warning page if they click the link.
Select Apply Safe Links to messages sent within the organization to provide the same level of protection when links are sent by email within the organization.
Do not select Do not track when users click safe links so that you are able to track and monitor when users click links that are determined to be malicious.
Select Do not allow users to click through to the original URL to prevent users from proceeding to the target web site if it is found to be malicious.
For some organizations they have internal Urls for business application or to partner portals which they frequently access and are known to be safe, then you set these Urls to not be rewritten.
To do this add the Urls under Do not rewrite the following URLs.
Finally select who the Safe Links Policy applies to, under Applied To . Select who this policy will affect.
To complete the Policy click on Save at the bottom of the page.