In the previous post, we saw how it looks like and what happens when a malicious files are detected in a SharePoint Library and OneDrive.

In this post, we will walk through turning ATP on for SharePoint, OneDrive and Teams.

1- Go to Security Admin Center, under Thread Management, click on Policy,

2- Start by clicking Create to create a new policy.

3- Follow the steps for the policy, in the settings, choose to block all,

4- Once the policy created, select it and select Global settings;

5- By default, the policy will have ATP turned on for SharePoint, OneDrive and Teams.