Microsoft has expanded the application protection mechanism known from Windows and is now also using it in Office 365. The approach opens potentially dangerous office documents in a container that is sealed off from the rest of the system. For example, a Trojan downloaded from a file using macros cannot infect the Windows systems.
The function in Office 365 is not yet included as standard, admins have to install at least the beta version. In addition, the current version of Windows 10 and the security update package distributed on patch day are mandatory. It is not yet known when the function will be included in the release version.
Admins Must Activate The Security Feature In Several Steps
If these requirements are met, admins must activate the security feature in several steps. After downloading and installing the application package for Office 365, the entry appears in the administrative templates. You have to activate this entry. The Application Guard function can then be switched on under Windows settings. A group policy of the same name now appears, which can be activated with the option. If you now open a Word document created outside the company, a Word icon with a protective shield in front of it appears in the taskbar when the function is active. Microsoft describes further information on the setup in an article.
The activate processing button only appears if the document is classified as harmless. However, if malicious code or suspicious functions are detected, the file remains in protected view and a warning is sent to the company’s Office 365 dashboard. At the start, safe documents are only available to customers with a Microsoft 365 license – the most expensive Office 365 package from Microsoft. In addition, the function is deactivated at the factory. Administrators have to turn them on if they need more security for their users.
Microsoft provides detailed instructions on how to deploy and configure Application Guard for Office, as well as licensing and minimum hardware/software requirements.