“Initially, built-in protection will include turning tamper protection on for your tenant, with other default settings coming soon,” Microsoft explains.
In September, Redmond added that it would soon enable tamper protection by default on all Microsoft Defender for Endpoint onboarded systems, locking Microsoft Defender Antivirus to secure default values and preventing any security settings changes.
“To further protect our customers, we are announcing that tamper protection will be turned on for all existing customers, unless it has been explicitly turned off in the Microsoft 365 Defender portal,” said Josh Bregman, a Principal Product Manager at Microsoft, at the time.
Customers who haven’t yet configured tamper protection in their enterprise environments will soon receive Microsoft 365 Defender portal notifications alerting them the feature will be turned on.
Microsoft 365 admins can also exclude some devices on the network from tamper protection if there’s an app compatibility concern by using Security Management for Defender for Endpoint or creating a profile in Microsoft Endpoint Manager.
Redmond also started rolling out built-in protection to Defender for Office 365 to tenants worldwide in November 2021 to provide the same level of protection from phishing emails to existing and new end users.
