Password-protected attachments can now be inspected, even if the email does not contain their passwords.
Many Phishing attacks include password-protected attachments as a means to avoid inspection. These attacks often employ very simple techniques to prevent security solutions from guessing the password and inspecting the attachments, while making it easy for the end user to understand the password.
In these cases other security solutions default to a generic decision - allow-all or block-all. A classic productivity vs. security dilemma.
Avanan now supports a unique workflow for handling password-protected attachments, providing maximum coverage for password-protected attachments, without compromising on end user productivity:
This workflow ensures:
To configure this workflow, go to Office 365 Mail or Gmail Threat Detection policy -> Attachments -> Password-Protected Attachments
Note - this feature is now being gradually deployed. You should see it in your portal in the upcoming 2 weeks.