6ff5ce 365



Apr 27, 2020 On April 21, Office 365 became Microsoft 365. The name change is more than a little confusing, but the actual subscription packages remain the same. Here is a breakdown. Hotmail Can T Log In. Expand your Outlook. We've developed a suite of premium Outlook features for people with advanced email and calendar needs. An Office 365 subscription offers an ad-free.

ITS highly recommends using the Outlook email client or Outlook Web App (OWA) to access your USC Office 365 email. This page provides links to documentation on how to configure your email client to access Office 365. You can set your email client to access your Office 365 account using either Exchange or Internet Message Access Protocol (IMAP) settings.

Exchange Versus IMAP

There are several advantages to setting up your email client to use Exchange rather than IMAP settings. Exchange only requires that you provide your email address and password for set up; IMAP, however, requires additional server information. Exchange also provides direct access to the USC calendar that is a part of your Office 365 account.

If you are using Microsoft Outlook as your email client, you should use the default Exchange connection type. At this time, ITS also supports connecting with other compatible mail clients using the Exchange and IMAP4 with OAuth2 connection methods, although Exchange is highly preferred.

Setting Up an Office 365 Account Using Exchange

For documentation on setting up your Office 365 account on an email client using Exchange, please see the links in the side navigation to the right of this page.

NOTE: The versions of Outlook that are listed below are the only versions that are supported by Microsoft for use with Office 365.

Microsoft 365 Apps for Enterprise
Outlook 2019
Outlook 2016

Setting Up an Office 365 Account Using IMAP and SMTP with OAuth2 Authentication

Below you will find information on configuring ITS-supported email clients to access your Office 365 account using IMAP and SMTP with OAuth2 authentication. You will need to know your Office 365 email address (based on your USC NetID username), password, and the Office 365 server settings in order to successfully set up your email client. ITS is no longer permitting new accounts to connect with IMAP and SMTP without OAuth2. Existing accounts configured to connect using IMAP and SMTP will need to update their client and client configuration to an OAuth2 compatible client soon as ITS will no longer support basic authentication beginning in early 2021.

365

IMAP and SMTP with OAuth2 Server Settings

The following are the incoming and outgoing IMAP server settings for Office 365.

SettingIMAP (incoming)SMTP (outgoing)
Server Nameoutlook.office365.comsmtp.office365.com
Port Number993465 or 587
Encryption MethodSSL/TLSSSL/TLS
Authentication MethodOAuth2OAuth2
UsernameNetID@usc.edu (which maybe different from your preferred email address)NetID@usc.edu (which maybe different from your preferred email address)

The following screenshots provide summary information on how to connect your email client to Office 365 using the Exchange and IMAP/SMTP (non-Outlook email clients) protocol.

Office

Configuring for Exchange

365 office free trial

Find the Mail item in the Windows control panel to add or edit your Outlook account profile.
NOTE: Outlook for Mac configuration is similar

Configuring for IMAP/SMTP with OAuth2

Use the following screenshot as guidance for configuring your IMAP/SMTP client with OAuth2. The example is for Thunderbird V78.4.

Getting Help

For assistance configuring your email client for Office 365, please contact the ITS Customer Support Center.

-->

Applies to

This article will introduce you to your new security properties in the Cloud. Whether you're part of a Security Operations Center, you're a Security Administrator new to the space, or you want a refresher, let's get started.

Caution

If you're using Outlook.com, Microsoft 365 Family, or Microsoft 365 Personal, and need Safe Links or Safe Attachments info, click this link: Advanced Outlook.com security for Microsoft 365 subscribers.

Office 365 security spelled out

Every Office 365 subscription comes with security capabilities. The goals and actions that you can take depend on the focus of these different subscriptions. In Office 365 security, there are three main security services (or products) tied to your subscription type:

  1. Exchange Online Protection (EOP)
  2. Microsoft Defender for Office 365 Plan 1 (Defender for Office P1)
  3. Microsoft Defender for Office 365 Plan 2 (Defender for Office P2)

Note

If you bought your subscription and need to roll out security features right now, skip to the steps in the Protect Against Threats article. If you're new to your subscription and would like to know your license before you begin, browse Billing > Your Products in the Microsoft 365 admin center.

Office 365 security builds on the core protections offered by EOP. EOP is present in any subscription where Exchange Online mailboxes can be found (remember, all the security products discussed here are Cloud-based).

You may be accustomed to seeing these three components discussed in this way:

EOPMicrosoft Defender for Office 365 P1Microsoft Defender for Office 365 P2
Prevents broad, volume-based, known attacks.Protects email and collaboration from zero-day malware, phish, and business email compromise.Adds post-breach investigation, hunting, and response, as well as automation, and simulation (for training).

But in terms of architecture, let's start by thinking of each piece as cumulative layers of security, each with a security emphasis. More like this:

Though each of these services emphasizes a goal from among Protect, Detect, Investigate, and Respond, all the services can carry out any of the goals of protecting, detecting, investigating, and responding.

Office 365 Download

The core of Office 365 security is EOP protection. Microsoft Defender for Office 365 P1 contains EOP in it. Defender for Office 365 P2 contains P1 and EOP. The structure is cumulative. That's why, when configuring this product, you should start with EOP and work to Defender for Office 365.

Though email authentication configuration takes place in public DNS, it's important to configure this feature to help defend against spoofing. If you have EOP,you should configure email authentication.

If you have an Office 365 E3, or below, you have EOP, but with the option to buy standalone Defender for Office 365 P1 through upgrade. If you have Office 365 E5, you already have Defender for Office 365 P2.

Tip

If your subscription is neither Office 365 E3 or E5, you can still check to see if you have the option to upgrade to Microsoft Defender for Office 365 P1. If you're interested, this webpage lists subscriptions eligible for the Microsoft Defender for Office 365 P1 upgrade (check the end of the page for the fine-print).

The Office 365 security ladder from EOP to Microsoft Defender for Office 365

Important

Learn the details on these pages: Exchange Online Protection, and Defender for Office 365.

What makes adding Microsoft Defender for Office 365 plans an advantage to pure EOP threat management can be difficult to tell at first glance. To help sort out if an upgrade path is right for your organization, let's look at the capabilities of each product when it comes to:

  • preventing and detecting threats
  • investigating
  • responding

starting with Exchange Online Protection:

Prevent/DetectInvestigateRespond
Technologies include:
  • spam
  • phish
  • malware
  • bulk mail
  • spoof intelligence
  • impersonation detection
  • Admin Quarantine
  • Admin and user submissions of False Positives and False Negatives
  • Allow/Block for URLs and Files
  • Reports
  • Audit log search
  • Message Trace
  • Zero-hour Auto-Purge (ZAP)
  • Refinement and testing of Allow and Block lists
  • If you want to dig in to EOP, jump to this article.

    Because these products are cumulative, if you evaluate Microsoft Defender for Office 365 P1 and decide to subscribe to it, you'll add these abilities.

    Gains with Defender for Office 365, Plan 1 (to date):

    Prevent/DetectInvestigateRespond
    Technologies include everything in EOP plus:
  • Safe attachments
  • Safe links
  • Microsoft Defender for Office 365 protection for workloads (ex. SharePoint Online, Teams, OneDrive for Business)
  • Time-of-click protection in email, Office clients, and Teams
  • anti-phishing in Defender for Office 365
  • User and domain impersonation protection
  • Alerts, and SIEM integration API for alerts
  • SIEM integration API for detections
  • Real-time detections tool
  • URL trace
  • Same
  • So, Microsoft Defender for Office 365 P1 expands on the prevention side of the house, and adds extra forms of detection.

    Microsoft Defender for Office 365 P1 also adds Real-time detections for investigations. This threat hunting tool's name is in bold because having it is clear means of knowing you have Defender for Office 365 P1. It doesn't appear in Defender for Office 365 P2.

    Gains with Defender for Office 365, Plan 2 (to date):

    Prevent/DetectInvestigateRespond
    Technologies include everything in EOP, and Microsoft Defender for Office 365 P1 plus:
  • Same
  • Threat Explorer
  • Threat Trackers
  • Campaign views
  • Automated Investigation and Response (AIR)
  • AIR from Threat Explorer
  • AIR for compromised users
  • SIEM Integration API for Automated Investigations
  • So, Microsoft Defender for Office 365 P2 expands on the investigation and response side of the house, and adds a new hunting strength. Automation.

    Office 365 Portal

    In Microsoft Defender for Office 365 P2, the primary hunting tool is called Threat Explorer rather than Real-time detections. If you see Threat Explorer when you navigate to the Security center, you're in Microsoft Defender for Office 365 P2.

    To get into the details of Microsoft Defender for Office 365 P1 and P2, jump to this article.

    365

    Tip

    EOP and Microsoft Defender for Office 365 are also different when it comes to end-users. In EOP and Defender for Office 365 P1, the focus is awareness, and so those two services include the Report message Outlook add-in so users can report emails they find suspicious, for further analysis.

    Office 365 free download

    In Defender for Office 365 P2 (which contains everything in EOP and P1), the focus shifts to further training for end-users, and so the Security Operations Center has access to a powerful Threat Simulator tool, and the end-user metrics it provides.

    Microsoft Defender for Office 365 Plan 1 vs. Plan 2 cheat sheet

    This quick-reference will help you understand what capabilities come with each Microsoft Defender for Office 365 subscription. When combined with your knowledge of EOP features, it can help business decision makers determine what Microsoft Defender for Office 365 is best for their needs.

    Defender for Office 365 Plan 1Defender for Office 365 Plan 2
    Configuration, protection, and detection capabilities: Defender for Office 365 Plan 1 capabilities

    --- plus ---

    Automation, investigation, remediation, and education capabilities:

    • Microsoft Defender for Office 365 Plan 2 is included in Office 365 E5, Office 365 A5, and Microsoft 365 E5.

    • Microsoft Defender for Office 365 Plan 1 is included in Microsoft 365 Business Premium.

    • Microsoft Defender for Office 365 Plan 1 and Defender for Office 365 Plan 2 are each available as an add-on for certain subscriptions. To learn more, here's another link Feature availability across Microsoft Defender for Office 365 plans.

    • The Safe Documents feature is only available to users with the Microsoft 365 E5 or Microsoft 365 E5 Security licenses (not included in Microsoft Defender for Office 365 plans).

    • If your current subscription doesn't include Microsoft Defender for Office 365 and you want it, contact sales to start a trial, and find out how Microsoft Defender for Office 365 can work for in your organization.

    Tip

    Insider tip. You can use the docs.microsoft.com table of contents to learn about EOP and Microsoft Defender for Office 365. Navigate back to this page, Office 365 Security overview, and you'll notice that table of contents organization in the side-bar. It begins with Deployment (including migration) and then continues into prevention, detection, investigation, and response.

    This structure is divided so that Security Administration topics are followed by Security Operations topics. If you're a new member of either job role, use the link in this tip, and your knowledge of the table of contents, to help learn the space. Remember to use feedback links and rate articles as you go. Feedback helps us improve what we offer you.

    Office 365 Sign In Email

    Where to go next

    If you're a Security Admin, you may need to configure DKIM or DMARC for your mail. You may want to roll out 'Strict' security presets for your priority users, or look for what's new in the product. Or if you're with Security Ops, you may want to leverage Real-time detections or Threat Explorer to investigate and respond, or train end-user detection with Attack Simulator. Either way, here are some additional recommendations for what to look at next.

    See the specific recommended 'golden' configs and use their recommended presets to configure security policies quickly

    Catch up on what's new in Microsoft Defender for Office 365 (including EOP developments)

    Use Attack Simulator in Microsoft Defender for Office 365