Target Audience
- This is intended for administrators who perform initial setup and operational management of Cloud Protection.
Purpose
- Before applying the actual policy, it is recommended verifying the extent to which Cloud Protection detects threats within the organization. This page describes how to create a recommended initial setup policy that notifies administrators when a threat is detected.
Notes
- The content of this article is based on the product specifications as of July 2025 and may change without notice thereafter.
- Administrator privileges for Cloud Protection are required to verify actual screens and make changes to settings.
- The URL of the Cloud Protection administration console varies depending on the customer tenant.
- Policies can be specified on a Microsoft 365 tenant basis.
- The policy created in this article will only notify administrators of threats without quarantining or deleting them.
Procedure
Cloud Protection policies are settings that define what actions to take when security threats are detected on Microsoft 365 (Exchange Online / SharePoint / OneDrive / Teams).
Creating a New Policy
1. Open the Cloud Protection administration console.
Refer to the following steps for how to access the administration console.
[Cloud Protection] How to Log in to the Administration Console
2. Click [COLLABORATION PROTECTION] - [Policies] from the menu on the left side of the screen.
3. Click [Add Policy] at the top of the screen.
4. The policy creation screen will be displayed, so modify the policy according to the following steps and click [Save].
・[General Tab]
[Policy Settings] - [General] - [Policy Name]: (Example) Initial Setup Policy
[Policy Settings] - [General] - [Description]: (Example) This is a recommended initial setup policy that notifies the administrator account when malicious content is detected.
[Policy Settings] - [Notification] - [Recipient Email Address]: Enter the email address to receive security alerts and administrator notifications.
・[Exchange Tab]
[Malware Scanning] - [Action]: Take no action / Notify the administrator
[URL Scanning] - [Action] - [Malicious URL]: Take no action / Notify the administrator
[URL Scanning] - [Action] - [Suspicious URL]: Take no action / Notify the administrator
[Inbox Rule Scanning] - [Action]: Notify the administrator
[Compromised Accounts] - [Action]: Notify the administrator
[Notification]: Change as needed.
・[SharePoint Tab]
[Malware Scanning] - [Action]: Take no action / Notify the administrator
・[OneDrive Tab]
[Malware Scanning] - [Action]: Take no action / Notify the administrator
・[Teams Tab]
[Malware Scanning] - [Action]: Take no action / Notify the administrator
Assigning the Policy
Assign the detection policy created in this article to the connected Microsoft 365 tenant.
Refer to the following article for how to assign policies.
Changing Policy Assignment
Modifying the Policy (Post-Operation)
After operating with the initial setup policy, please refer to the following Help Center to modify the policy as needed according to your security policy and environment.
Consideration of Operational Policies
For detailed settings of each tab, please refer to the following articles.
※ The default notification text is in English, so please refer to the following policy settings notification items and change as needed.
Policy Settings (General)
Policy Settings (Exchange)
Policy Settings (SharePoint)
Policy Settings (OneDrive)
Policy Settings (Teams)