How to Configure Your Microsoft Office 365 Tenant to Prevent Users from Downloading Infected Files in SharePoint

As an IT consulting firm with a reputation of “Security First”, we are constantly on the lookout for ways to secure our client environments. With that being said, we recently discovered that while Microsoft does offer various solutions to secure your Microsoft 365 tenant environment, many of these security features are not enabled automatically. One example of this is ensuring that Microsoft Office 365 SharePoint infected files are disallowed for download. Surprisingly, Microsoft does not prevent users from downloading infected files that are hosted in SharePoint by default. Below I have provided instructions on how to configure your Microsoft 365 tenant to prevent your end users from having the ability to download infected files hosted in SharePoint.

Access your Microsoft Office Tenant via PowerShell

1. Let’s begin by launching PowerShell as an administrator.

Run as administrator

2. Input the following command in PowerShell & press “Enter”.

Install-Module -Name Microsoft.Online.SharePoint.PowerShell

3. When prompted, be sure to type “Y” to install all required files & then press “Enter”.

You are installing the modules from an untrusted repository. If you trust this repository, change its InstallationPolicy value by running the Set-PSRepository cmdlet. Are you sure you want to install the modules from ‘PSGallery’?
[Y] Yes   [A] Yes to All   [N] No   [L] No to All   [S] Suspend   [?] Help   (default is “N”):

Determine Your Organization’s SharePoint URL

4. Next, you will need to determine your organization’s unique SharePoint site URL. To do so, simply login to your 365 tenant portal and select “Show All” within the left navigation pane.

Show all

5. Next, select “SharePoint.


6. Make note of your organization’s unique SharePoint site URL as shown below. url

7. Navigate back to PowerShell & update the below command to include your organization’s SharePoint URL.


8. You will now be prompted to authenticate utilizing your Microsoft Office 365 administrator credentials.

Microsoft Sign In Screen

9. Once you have authenticated successfully, return to PowerShell and enter the following command.

Set-SPOTenant -DisallowInfectedFileDownload $true

Check Your Work!

10. To verify your recent configuration change, run the following command in PowerShell.

Get-SPOTenant |Select-Object DisallowInfectedFileDownload

11. If download of infected files has been prohibited successfully, you should receive the below message.


Contact NOYNIM IT Solutions for All Your Denver IT Services

If you own or operate a business in Colorado in need comprehensive cybersecurity services, look no further than NOYNIM IT Solutions. A proud “one-stop shop” for clients across a host of industries, we can customize our offerings to meet your unique needs. To learn more about our Denver IT services, check out our website. To discuss your cybersecurity concerns with a friendly member of our team, reach out online or call (720) 524-8616.


We're happy to answer any questions you may have, feel free to call us at
(720) 524-8616