Maximising the benefits of your investment in M365 - Microsoft Defender

Maximising the benefits of your investment in M365 - Microsoft Defender for Business

Microsoft announced at Ignite in November that the Defender Security Product would be made available as part of the M365 suite (from Business Premium and above).   It’s a product that has been designed for small to medium-sized enterprises (up to 300 employees) and introduces a number of enterprise-grade endpoint security to businesses who may well be investing in point products to protect themselves or accepting a risk because cost won in the cost versus risk debate.

This feels like a really good addition to the features that are already part of the M365 suite and should lead to consolidation (in terms of technology and cost) as well as enhanced security and protection against threats.

There is a very detailed overview on Microsoft’s website here, but here is a quick summary of what’s included.

• Next-Generation Anti-Virus & AntiMalware Protection:- This protection brings together machine learning, big-data analysis, in-depth threat resistance research, and the Microsoft cloud infrastructure to protect devices (or endpoints) in your organisation. Microsoft Defender Antivirus is built into Windows, and it works with Microsoft Defender for Endpoint to provide protection on your device and in the cloud.
• Endpoint detection and response (EDR) – Behavioural-based detection and response alerts when there is suspicious activity happening within the environment.
• Threat and vulnerability management – Provides a dashboard that highlights the organisation's risk to exposure and provides insights and recommendations in a prioritised fashion which can be acted upon to improve your security position.
• Advanced Security Features – Microsoft calls this “Attack Surface Reduction” and it’s a collection of tools that enable Application Control, Web protection, network protection, network firewall, ransomware mitigation and other security reduction rules.

Certainly in a number of scenarios we see, adding all this capability without increasing IT spending would be difficult to achieve; so it’s a good outcome for clients that have invested in the 365 suite especially as there is a looming price increase for licenses around the corner.

There are other features too such as workflow automation using Microsoft’s API’s and integration capabilities, relevant for organisations that have invested in other security or event management tools.

Microsoft Defender is currently only available in preview which you can apply for in order to use the product now. As it uses much of the features from the Endpoint Security tool, we don’t think it will be long before the kinks are ironed out and this is available for general release.