Safe links do not apply to internal emails
Recently one of my users' credentials was compromised, and using his credentials an intruder sent an email containing a malicious link. The email was delivered directly to another person as it was treated as internal email.
ATP by design doesn't apply safe link policy to internal emails. So I can clearly say it is a high security risk.
An internal user can also do it intentionally or unknowingly, which will in turn damage the environment in spite of having ATP in place.
So my suggestion is to apply the safe link policy to internal as well as external emails.
The ability to apply SafeLinks policies to intra-organizational mail is rolling out currently. Thank you for the feedback!
Emily Flanagan commented
Is there a link to this change on the M365 roadmap?
Paul Bird commented
Awesome, thanks Admin! *Goes off to raise the Change...*
Exposure to the organization if an internal user unintentionally sends a bad link to other users within the organization and it has not been processed through the ATP engine.
ATP should protect internal clients within the tenant
Please add safe attachments for internal recipients!! This is a huge security flaw if one of your internal users is compromised!
Al Douglas commented
Wouldn't this be covered if you added a policy to specific recipients? Create it for recipients of your domains. I made one called "All <company name> mailboxes"
Justin Jolly commented
Yes, this is a must-have feature in safe link.