Security policies provide flexible protection of mailboxes that are hosted in your Exchange Online. In the security policies, you specify what to do with the detected malware, phishing, spam, mass mail, unwanted attachments, and email messages from unwanted senders. Depending on your settings, Kaspersky Security for Microsoft Office 365 will take an action or send a notification to selected recipients.
Kaspersky Security for Microsoft Office 365 has a default security policy that contains settings recommended by the Kaspersky experts. You can also configure custom security policies for specific users and groups.
You can create a combination of conditions in one policy, or use several policies at once, to protect your company mailboxes. When a policy is created, it is assigned a priority. You must also specify a protection scope for each policy. The protection scope is a combination of mailboxes and user groups that are selected for protection, and mailboxes and user groups that are excluded from protection. The selected mailboxes are protected by the policy only when the policy is enabled.
When Kaspersky Security for Microsoft Office 365 detects malware, phishing, spam, mass mail, certain attachments in the email messages, or email messages from unwanted senders, the application determines the security policies that are applicable to the email message. A security policy is applicable if the actions with the detected item are configured in the policy and if the protection scope includes the mailbox in which the email message is detected.
If several policies are applicable for a detected item, only the policy with the highest priority is applied. If several items are detected in one message, only the policy with the highest priority is applied for each detection type (malware, phishing, spam, mass mail, or a specific attachment format).
For example, when you need to move email messages containing spam to the Junk Email folder for all users, but for the PR group you only want to tag the email messages, you can create a high-priority custom policy for spam with the PR group selected in the protection scope. This policy will take precedence over all of the other policies with lower priorities for the spam detected in PR group mailboxes. If a lower-priority policy for all users from this example also has Anti-Malware option switched on, it will apply to malware detected in PR department mailboxes.
This section provides instructions on working with the default security policy and on configuring custom security policies for email messages.