Microsoft has released a new security feature for Microsoft 365 into Public Preview. This new feature, known as “application guard“, has been designed to help prevent risky, malicious, or untrusted files from accessing your trusted resources.
This feature is turned off by default, and it’s currently only available to organisations that have Microsoft 365 E5 or Microsoft 365 E5 Security licenses.
When enabled however, files from the internet and other potentially unsafe (not yet scanned or trusted) locations can contain viruses, worms, or other kinds of malware that can attempt to infect or harm users’ devices and data, in the case of malware, spread to other areas.
With the new Application Guard feature enabled, Office apps will open files from potentially unsafe locations in Application Guard, which is a secure container (in memory) that is isolated and shielded from other applications, device hardware, processes, and system memory through hardware-based virtualisation.
When enabled, users will see a change to the standard Office splash screen on the first launch of an untrusted office document that indicates that Application Guard for Office has been enabled, and that the file is being opened in a secure environment. In addition, the application will also display a visual indicator, such as a callout in the ribbon and the taskbar icon, to inform the user that the Application Guard is running.
What is nice about this new feature is that unlick the previous “protected mode” which limited editing functions for example and prevented some aspects of the document or excel macros from running, with Application Guard, users do NOT get a compromised experience, meaning they can securely read, edit, print, and save those files without having to re-open files outside the “safe” container.
As I said at the start, this feature is off by default and needs to be enabled by IT admin using a group policy or a CSP entry in your MDM . Details on how to enable Application Guard are provided by Microsoft here: