This guide will allow an administrator to create a file blacklist that will prevent users accessing or receiving emails that have the hash embedded within its contents.
Role Requirements
Procedure Scope: Administrators
Required Group Membership: Admin.Security
Handbook Reference
Package: Email Security
Domain: File Management
Modifies: Unsanctioned Files
Email File Block
- Navigate to Files – 365 Defender, select the Block option to create the restriction for the desired file hash. A pop-up will be displayed where you will supply the necessary file hashes that need to be restricted, you will want to specify the Remove Block Entry After dropdown to be Never Expire to ensure that this block won’t need to be reestablished. Optional Note will be used as a supplemental area for other admins when viewing this section, you will add a brief explanation on why the block has been initiated on this file. Select Add to finalize the block.
Need Assistance?
Reach out to your Customer Success Manager to discuss how a Sittadel cybersecurity analyst can assist in managing these tasks for you. New to our services? Inquire about arranging a consultation to explore optimizing your Azure environment for painless management.