Error when enabling standard protection in Preset Security policies

Copper Contributor

Hi - I seem to have an issue when enabling the standard protection for our organization in the Preset security policies. Whenever I edit the Standard protection, it by default selected the "Apply protection to:" None and then when I tried to save it, it has the error as shown in the screenshot.


There is no issue when enabling the Strict Protection, so that got me all confused as there should be no conflicting rights or permissions on my end.


When running the "Enable-OrganizationCustomization" in powershell, it also indicated as enabled. Thanks and any help is deeply appreciated!





Enable-OrganizationCustomization: |System.InvalidOperationException|This operation is not required. Organization is already enabled for customization.






3 Replies

Hi @Lionel_Tan,

he error message in the screenshot indicates that you are trying to enable standard protection in the preset security policies, but the Apply protection to setting is set to None. This is a conflict, and it is preventing you from saving the changes.

To resolve this issue, you need to set the Apply protection to setting to a specific group of recipients. For example, you could set it to All recipients or Specific recipients.

To do this, follow these steps:

  1. Open the Microsoft 365 Defender portal.
  2. Go to Policies & rules > Threat policies > Preset security policies.
  3. Under Standard protection preset, click Manage.
  4. Under Apply protection to, select the group of recipients that you want to apply the protection to.
  5. Click Save.

Once you have done this, you should be able to enable standard protection without any errors.

Here is a link to Microsoft's documentation on preset security policies:

Please click Mark as Best Response & Like if my post helped you to solve your issue.
This will help others to find the correct solution easily. It also closes the item.

If the post was useful in other ways, please consider giving it Like.

Kindest regards,

Leon Pavesic

Thanks Leon - but the problem is that I have selected the apply protection to all and I kept getting this error. If I just enable standard, it will be ok but by default it will choose the apply protection to none.
I don't seem to have any problem at all when configuring the Strict protection, so I'm currently applying this for all instead but it is pretty aggressive in applying the spam policy to our emails.
I am running into the same problem. Did you get anywhere with this? I suspect a call to Microsoft is on the cards.