Untrusted files from the internet, and other unsafe locations, can contain bugs, viruses and other malware that can harm your computer and data. Dyrand would like you to be aware of the new security feature that Microsoft has added to Office 365. It’s called Application Guard and is now available to all supported licensed 365 users, specifically organizations running Microsoft 365 E5 or Microsoft 365 E5 security licenses.
Application Guard blocks downloads from untrusted sources, shunting them to sandboxes. Application Guard is a defence technology that quarantines untrusted office documents to prevent them from reaching the operating system or its applications. If you feel that the file is safe, you can always choose to remove Application Guard protection from that file.
When Application Guard is enabled, Office opens the file in Application Guard if the document is opened in an unsafe location. They are placed in secure containers and are isolated with the aid of hardware-based virtualization preventing untrusted documents opened in Office to affect the operation and security of the operating system and applications.
Application Guard and Office 365
Application Guard for Office opens and isolates files in Office’s three main applications: Word, Excel, and PowerPoint. If documents come from untrusted internet or intranet domains or are untrusted attachments in the Outlook email client, they are opened in a virtual environment called a sandbox.
Application Guard opens untrusted documents as read-only for the operating system, yet these files can be manipulated, printed, edited and saved, remaining in the isolation container. Each time they are opened they are quarantined in the sandbox. Outdated file types are also quarantined.
Application Guard will also block malicious attachments from downloading other malicious tools that exploit systems and software. It also prevents malicious software from executing tasks that could have a negative impact on devices and data.
The History of Application Guard
This feature debuted in 2018, originally designed for Edge, Microsoft’s Windows 10 browser. It was based on Microsoft 365 Defender. Microsoft Defender Antivirus was known as Windows Defender Antivirus. It was a malware component of Microsoft Windows.
Launch Application Guard
Application Guard is set to “off” by default, requiring an IT admin to turn it on. Then the IT needs to set and distribute group policies to individual users. See the installation guide for ITs and admins: click here.
What Conditions Launch Application Guard?
- Internet files: If a file is downloaded from a nonsecure, or untrusted site, is an attachment from a sender outside your organization, or a file opened from internet messaging applications, or a file opened from a OneDrive or SharePoint location, it will be opened by Application Guard.
- Files from unsafe locations: This includes folders on your computer or network that are untrusted, like temporary internet folders or folders not assigned by your administrator.
- Files blocked by File Block: This prevents outdated versions from opening. The file is opened in a Protected View and disables the Save and Open feature.
Dyrand Likes Application Guard
This is an excellent enhancement that will make your network safer and more secure. Contact us and we can explain how it can help your organization. We consider this another way to stay ahead of those evolving threats. We help small businesses handle big issues.