Microsoft unveiled a couple of security features for Microsoft 365 early in 2020, which included Application Guard. Today, the company announced that Application Guard for Office has hit general availability.
The feature basically puts documents from untrusted sources in a container before opening them in order to ward off malicious threats. Microsoft also noted that it analyzes every malicious attack contained by Application Guard to bolster its threat intelligence. Your files are also protected from kernel-based attacks since it uses Hyper-V-based containers.
Unlike Protected View which opens documents in read-only mode, Application Guard opens files in a virtualized sandbox where you can still edit and print documents in a limited capacity without leaving the container. These files include those coming from untrusted sites, files stored in potentially unsafe folders or network, and documents blocked by File Block.
That said, you can still choose to disable protection for a specific file if necessary, provided you're confident that it's safe. Prior to opening that file, it will be scanned with the Safe Documents feature if it's enabled. In addition to documents, emails are protected as well with combined security from Application Guard and Microsoft Defender for Office 365.
The new feature is turned off by default and administrators will need to set the right policy for each user in an organization. It's available to customers on Current Channel and Monthly Enterprise Channel while a rollout in Semi-Annual Enterprise Channel is scheduled later this year.
3 Comments - Add comment