# Attachments SHOULD Be Scanned for Malware

## Description

Safe attachment protection policies from Defender for Office 365 should be enabled and configured for Teams. Attachments should be scanned in a sandbox for malware upon opening or downloading.

## Policy

* Attachments included with Teams messages SHOULD be scanned for malware. Users SHOULD be prevented from opening or downloading files detected as malware.

## Licensing Considerations

Safe Attachments can be configured with the Following plans

* Defender for Office 365 Plan 1/2
* Microsoft 365 Business Premium
* Office 365 E5/A5/G5
* Microsoft 365 E5/A5/G5
* Microsoft 365 E5/A5/G5 Information Protection and Governance
* Microsoft 365 E5/A5/G5/F5 Compliance and F5 Security & Compliance

## Set Up Instructions

Resources:

[Turn on Safe Attachments for SharePoint, OneDrive, and Microsoft Teams - Office 365 | Microsoft Learn](https://learn.microsoft.com/en-us/microsoft-365/security/office-365-security/safe-attachments-for-spo-odfb-teams-configure?view=o365-worldwide#use-exchange-online-powershell-to-turn-on-safe-attachments-for-sharepoint-onedrive-and-microsoft-teams)

To enable Safe Attachments for Teams follow the steps listed [here](https://learn.microsoft.com/en-us/microsoft-365/security/office-365-security/safe-attachments-for-spo-odfb-teams-configure?view=o365-worldwide#step-1-use-the-microsoft-365-defender-portal-to-turn-on-safe-attachments-for-sharepoint-onedrive-and-microsoft-teams)

## End-User Impact

{% hint style="info" %}
Level: <mark style="color:green;">Low</mark>
{% endhint %}

When safe attachments are enabled in Teams users will experience more latency for files to open as they are scanned. Users will get a prompt in Teams that lets them know the file is being scanned for malicious content.

{% hint style="info" %}
Tips

None Currently
{% endhint %}

## PowerShell Scripts

[Turn on Safe Attachments for SharePoint, OneDrive, and Microsoft Teams - Office 365 | Microsoft Learn](https://learn.microsoft.com/en-us/microsoft-365/security/office-365-security/safe-attachments-for-spo-odfb-teams-configure?view=o365-worldwide#use-exchange-online-powershell-to-turn-on-safe-attachments-for-sharepoint-onedrive-and-microsoft-teams)

## Videos

{% embed url="<https://www.youtube.com/watch?v=An7YLf_dfpk>" %}

{% embed url="<https://www.youtube.com/watch?v=JQM52r3ok8c>" %}