On Tuesday 6-12-2018 Yale enabled Microsoft Defender to provide an additional level of protection against online threats. Microsoft Defender provides two services that strengthen email, chat, and data protections for files stored in OneDrive, Teams, and Sharepoint for Yale University: Safe Attachments and Safe Links.
To put safeguards in place to better protect the Yale community from malicious attacks, such as the recent WannaCry or Petya ransomware attacks which spread globally. These protections will reduce the likelihood that members of the Yale community will become victims of similar exploits in the future.
There is no impact on email exchanges with other Yale accounts within Yale's Office 365 environment ("@Yale.edu" accounts).
For attachments sent by senders external to Yale's Office 365 environment, there will be no visible change to the email experience other than a slight delay in delivery, as long as the email and attachment are not infected with known malware.
Links in emails sent from external addresses (accounts other than "@Yale.edu" accounts), as well as links shared in Microsoft Teams chats or stored in documents saved in Teams, OneDrive, or Sharepoint, will be analyzed and scanned by the Safe Links service. This means that the links will look different, and a safety warning will be displayed if a link is clicked that points to a known malicious website. Links deemed to point to "safe" sites will not display any warning, but go directly to the link destination.
Yes, these protections will be in place no matter which browser or email program is used.
No - all Yale Office 365 emails will be protected.
To ensure maximum protection there will be very few exceptions to Safe Attachments and Safe Links processing. If significant operational interruptions occur from repeated false positives, a determination will be made on how best to resolve the issue. Please contact the ITS Help Desk at 203-432-9000 to report such issues.
What about privacy? Will Microsoft now track who, when, and what links Yale users click on? What will they do with this information?
No. According to the Microsoft 365 privacy statement, Microsoft will use Yale data only to provide the services we receive via the Office 365 platform. This may include troubleshooting aimed at preventing, detecting, and repairing problems affecting the operation of the services and the improvement of features such as the detection of, and protection against, emerging and evolving threats to members of the Yale community (such as malware, ransomware, or spam).