Thoughts and ideas from My IT
What is Advanced Threat Protection (ATP) for Email?
June 20, 2017 at 8:00 AM
by Patrick Leonard

Advanced Threat Protection (ATP) can mean a lot of things, but when describing an email feature, it is a tool created to stop email threats from hitting your inbox. Since the majority of ransomware and other viruses enter a company’s network via malicious email attachments and links, it is imperative that companies do what they can to minimize their risk of a cyber-attack. (Note – ATP is called ATD by some companies, which stands for Advanced Threat Detection. For the most part, the difference in wording is semantics, but some companies use the two terms to denote email protection versus firewall protection.)

This advanced cybersecurity protection is an affordable add-on to your Office 365 account, and a good IT firm can usually offer it to companies, including small businesses, for $2-3 a user per month.

3 Things Advanced Threat Protection Blocks

1. Spam Emails – ATP is the next generation of spam-filtering tools. Although it does much more than block unwanted emails, spam still needs to be blocked because it wastes company time and can lead users to undesirable websites.

2. Malicious Attachments – The ATP system examines every incoming email attachment and scans its bit pattern to see whether the system recognizes the file. If the file is known, the system either blocks the attachment or allows it to pass, based on previous scans. If the attachment is new, the Advanced Threat Protection system detonates (executes) it in a separate area (known in the IT community as a sandbox) and watches whether the file attempts to change the environment, which would mean it is a virus. If the attachment is a virus, the email will never hit your company’s inbox, and the ATP system catalogs it in the database of known viruses. Amazingly, the system can deem an attachment safe and deliver it to your inbox within a few minutes.

Good Advanced Threat Protection systems include protection from zero-day threats (viruses discovered that day), and some ATP systems even tout zero-hour detection, meaning they were the first to catch a threat and updated their systems to block it within the first hour of detection.

3. Suspicious Links – ATP stops hackers’ attempts to fool users with links to malicious websites. Hackers try to trick users by showing one website address in the email while the link actually goes somewhere else, or by linking to websites that redirect to a suspicious website. Hackers will also include links with intentional typos that go to websites that look similar to the real thing. These knockoff websites look so real that most users willingly enter their username and password because they think the sites are genuine.
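The two link tricks described in item 3 (displayed address differs from the real destination, and intentional-typo domains) can be checked with a short script. This is an added example, not code from the original post or from any ATP product; the trusted list, the `.example` domains, the helper names and the 0.85 similarity threshold are assumptions, and it does not follow redirects.

```python
from difflib import SequenceMatcher
from html.parser import HTMLParser
from urllib.parse import urlparse

# Assumption: sites this organisation's users really sign in to.
TRUSTED = {"northwind-bank.example", "contoso-mail.example"}
# Constructed sample email body (not taken from a real message).
SAMPLE = ('<a href="http://login.parcel-track.example/reset">https://www.northwind-bank.example/reset</a> '
          '<a href="https://northwind-bamk.example/login">sign in</a> '
          '<a href="https://www.contoso-mail.example/">contoso-mail.example</a>')

def host_of(text):  # hostname if text looks like a URL or bare domain, else None
    text = text.strip()
    if " " in text or "." not in text:
        return None
    return urlparse(text if "://" in text else "http://" + text).hostname

def base_domain(host):
    # Simplification: last two labels. Real code should use the Public Suffix List.
    return ".".join(host.split(".")[-2:])

def looks_like_trusted(domain):
    # Near miss of a trusted name (intentional typo) without being that name.
    return domain not in TRUSTED and any(
        SequenceMatcher(None, domain, t).ratio() >= 0.85 for t in TRUSTED)

class LinkAuditor(HTMLParser):
    def __init__(self):
        super().__init__()
        self.href, self.text, self.findings = None, "", []
    def handle_starttag(self, tag, attrs):
        if tag == "a":
            self.href, self.text = dict(attrs).get("href"), ""
    def handle_data(self, data):
        if self.href is not None:
            self.text += data
    def handle_endtag(self, tag):
        if tag != "a" or self.href is None:
            return
        shown, target = host_of(self.text), host_of(self.href)
        self.href = None
        if target and shown and base_domain(shown) != base_domain(target):
            self.findings.append(("mismatch", shown, target))  # text shows one site, link goes to another
        if target and looks_like_trusted(base_domain(target)):
            self.findings.append(("lookalike", shown, target))

def audit(html):
    parser = LinkAuditor()
    parser.feed(html)
    return parser.findings
```

Calling `audit(SAMPLE)` flags the first link as a mismatch and the second as a lookalike, and leaves the genuine third link alone.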

Generally, Advanced Threat Protection also comes bundled with email archiving, email backups, and the ability to send secure emails, which is required for HIPAA and PCI compliance. A good IT firm will suggest, and possibly require, your company use ATP to prevent viruses from attacking your network.
