Cannot turn off Strict Preset Security policy

Alex Findlay 26 Reputation points

We had previously enabled the Strict Presen Security Policy, but it was interfering too much with core work so we have had to scale it back, however I cannot turn off or delete the strict preset security policies, I have turned it off at the top level and made it apply to nothing, however the policy still shows int eh Anti Phishing section.

User's image

User's image

I try removing and turning it off, but neither work

User's image

Microsoft Defender for Cloud
Microsoft Defender for Cloud
An Azure service that provides threat protection for workloads running in Azure, on-premises, and in other clouds. Previously known as Azure Security Center and Azure Defender.
1,238 questions
Microsoft Intune Security
Microsoft Intune Security
Microsoft Intune: A Microsoft cloud-based management solution that offers mobile device management, mobile application management, and PC management capabilities.Security: The precautions taken to guard against crime, attack, sabotage, espionage, or another threat.
366 questions
0 comments No comments
{count} votes

Accepted answer
  1. Akshay-MSFT 17,086 Reputation points Microsoft Employee


    Thank you for posting your query on Microsoft Q&A. From the above description, I could understand that you did enable strict protection and later disabled it, but it still shows enabled under Anti-phishing policies, but you want it to be disabled from everywhere.

    Please do correct me if this is not the case.

    I did try to reproduce the issue in my tenant by first enabling the policy :

    User's image

    • When I tried to turn it Off It did turned off from Anti-phishing section as well:

    User's image

    Get-EOPProtectionPolicyRule -Identity "Strict Preset Security Policy" | Format-Table Name,State

    • Run the following command to turn off the Standard preset security policy if it's turned on:

    Disable-EOPProtectionPolicyRule -Identity "Strict Preset Security Policy"

    • In organizations with Defender for Office 365, run the following command to determine whether the rules for the Standard preset policy are currently enabled or disabled:

    **Write-Output -InputObject ("rn"*3),"EOP rule - Strict preset security policy",("-"63);Get-EOPProtectionPolicyRule -Identity "Strict Preset Security Policy" | Format-Table Name,State; Write-Output -InputObject rn,"Defender for Office 365 rule - Strict preset security policy",("-"63);Get-ATPProtectionPolicyRule -Identity "Strict Preset Security Policy" | Format-Table Name,State

    • Run the following command to turn off the Standard preset security policy if it's turned on:**
      Disable-EOPProtectionPolicyRule -Identity "Strict Preset Security Policy"; Disable-ATPProtectionPolicyRule -Identity "Strict Preset Security Policy"**

    Please do let me know if you still face the issue.


    Akshay Kaushik

    Please "Accept the answer" (Yes), and share your feedback if the suggestion answers you’re your query. This will help us and others in the community as well.

    2 people found this answer helpful.

0 additional answers

Sort by: Most helpful