Recently one of my user's credential compromised and using his credential and intruder sent email containing a malicious link. The email directly delivered to other person as it was treated as internal email.
ATP by design doesn't apply safe link policy to internal emails. So I can clearly say it is a high security risk.
Internal user can also do it by intention or by unknowingly, which will in return damage the environment instead of having ATP in place.
So my suggestion is to apply the safe link policy to internal as well as external emails.
Manoj Malik147 votes
The ability to apply SafeLinks policies to intra-organizational mail is rolling out currently. Thank you for the feedback!
Audit reporting to identify what documents our users have shared with external contacts form their OneDrive. This missing feature is holding us back from rolling out OneDrive and getting all it's benefits.53 votes
These events were made available a while back. In the UX, look in the activity picker for these events under the “Sharing and access requests activities” section.
Provide the facility to automate the production of audit reports (to CSV ideally) from the new Protection Center so that audit data can be downloaded on a schedule and then imported into a local SQL database for detailed reporting and analysis using Reporting Services for company board meetings. This is a genuine request from a client of ours due to the sensitivity of documents they hold so they need to be able to report at weekly board meetings on user activity6 votes
The Office 365 Management Activity API addresses the need to have an API to access audit and activity logs.
- Don't see your idea?