On Monday, August 24, 2020, Cornell will implement Microsoft Advanced Threat Protection (ATP) Safe Attachments for the university’s Office 365 email service. This addition to the university’s current email security portfolio will provide increased protection to Office 365 email accounts at Cornell, particularly against advanced malware received through infected email attachments, an established and persistent vector for attacks against large institutions. 

This new protection will remain largely transparent to email users; email delivery with attachments may be slightly delayed while scanning occurs. However, should an unsafe email attachment be detected by ATP Safe Attachments, it will be removed from the email and replaced by a short text file that lets the user know the malicious attachment file name and the action taken. Removed attachments can be recovered in the event they were incorrectly identified. On the rare occasion this may happen, please contact the IT Service Desk for assistance recovering attachments.

ATP Safe Attachments is a proven, fully licensed security tool that is used widely around the world. It reduces the chances of malicious attachments infecting computers, and especially complements and adds to measures taken by CrowdStrike (another important component of Cornell’s IT security strategy). All suspicious content goes through a real-time behavioral malware analysis that uses machine-learning techniques to evaluate the content for suspicious activity.

If you have questions about ATP Safe Attachments, you can contact the IT Security Office.