Default Anti-Phish policy - is it enabled for All Users "by default"?

New Contributor

Hi,

I'm reviewing the available settings in the default Anti-Phish Policy.

(I know I can create a Custom Anti-Phish Policy and assign to licensed users such as VIP's, CEO, CFO, etc)

 

My question is, Is this Default Policy applied to all users as a sort of "universal" catch-all anti-phish policy?

 

Thanks in advance!

1 Reply
It can be confusing whether to use the default policy or a named policy.
If you have a small organization with simple requirements then the default policy is fine.
If you have a need to target different groups of people with different policies, that is when you will create named policies.
Just keep in mind that the default policy will be applied last, only after all named policies have been processed.
If a user is targeted in the named policy, then that will apply to them and the default policy will not be applied to them.
Reference: https://docs.microsoft.com/en-us/microsoft-365/security/office-365-security/configure-anti-phishing-...