At the Microsoft Ignite enterprise IT event in November 2021, multiple announcements were made about cyber-security enhancements either now available or coming soon to business-oriented Microsoft apps and services. The most exciting cyber-security enhancement is the new Microsoft Defender for Business, targeted for small to mid-sized businesses (SMBs) using Microsoft 365 solutions. As a Gold-level Microsoft Partner with a thriving cyber-security practice, Amaxra consultants consider Microsoft Defender for Business a game changer because it will bring enterprise-grade security to the SMB user—a feature that could not have come at a better time for business owners. Just in the past year, a report from Forrester Consulting concluded that almost 60% of SMBs did not feel equipped to maintain an effective cyber-security regime, citing “insufficient resources” and “lack of specialized security skills.”
A key reason for SMBs feeling unequipped is the drastic shift many made to a hybrid work environment, where a significant number of employees work from home during the week. Supplying cyber-security for remote employees without affecting productivity is a top priority for IT professionals, IT decision makers, and members of the C-suite. Microsoft Defender for Business integrates next-generation security protections into Microsoft 365 Business Premium. Everything is delivered from the cloud and protects against the most prevalent cyber-security threats in modern hybrid work environments including malware and ransomware across Windows, macOS, iOS, and Android devices.
What is included with Microsoft Defender for Business?
At a high level, Microsoft Defender for Business cyber-security protections are delivered via a cloud-based dashboard view inside the Microsoft 365 admin panel.
These dashboards are available only to authorized IT managers at an SMB with Microsoft 365 Business Premium. From the Microsoft Defender for Business dashboards, IT managers can configure and manage five types of cyber-security protection:
- Next-gen antivirus and antimalware – Considered as “table stakes” for any cyber-security offering, the antivirus and antimalware protection included in Microsoft Defender for Business is basic—yet powerfulforms a —perimeter defense for all corporate-owned and personal devices used by employees connecting to the SMB’s Microsoft 365 apps and services the organization’s apps, services, and data. The antivirus and antimalware protections are cloud-powered, delivering automated signature updates from Microsoft’s multibillion-dollar security research organization.
- Attack surface reduction – An “attack surface” refers to the various ways a hacker can infiltrate a corporate network with a cyber-attack. Typical attack surfaces on a corporate network include digital items such as “open” transport protocol ports or software code on a device that hackers exploit to gain unauthorized access to corporate data. Microsoft Defender for Business uses automated ransomware mitigation, application control, network firewalls, and more to find and apply attack surface reduction rules to systems your employees use anywhere on the corporate network. The ransomware mitigation alone should be enough for most SMBs to want Microsoft Defender for Business, as in the last year Forrester Consulting saw a 300% increase in ransomware attacks with over 50% reaching small businesses.
- Threat and vulnerability management – In concert with attack surface reduction, Microsoft Defender for Business also helps prioritize and focus on the cyber-security weaknesses that pose the most urgent and the highest risk to the SMB. Because of the issues with “insufficient resources” and “lack of specialized security skills,” SMBs can greatly benefit from this automated discovery, prioritization, and remediation of software vulnerabilities and misconfigurations in the IT environment from within the Microsoft 365 admin panel.
- Endpoint detection and response (EDR) – An endpoint refers to any server, laptop, tablet, smartphone, or other internet-connected device. Microsoft Defender for Business’s EDR protection uses behavioral-based technology to find suspicious activity (for example, a Seattle-based employee on the marketing team who typically works on a MacBook suddenly trying to download financial information off the company’s Microsoft SharePoint site… from a Linux computer with an IP address located in North Korea) then alert IT managers on how to respond. The EDR technology is enhanced by artificial intelligence and protects data stored on devices and in the cloud.
- Automated investigation and remediation – Because so many SMBs have constraints on dedicated IT security operations, Microsoft Defender for Business helps by constantly watching the IT environment, collating all cyber-security alerts automatically, then taking proven actions immediately to quickly resolve specific issues. This greatly reduces the overall cyber-security alert volume seen by overworked SMB IT professional while empowering them to focus on more sophisticated threats.
How can your organization get Microsoft Defender for Business?
As of this blog post’s original publication date, Microsoft Defender for Business is only available as a preview for select customers. Amaxra cyber-security consultants reviewing the preview version are planning ways to set up and integrate Microsoft Defender for Business into our Microsoft 365 Business Premium customers as soon as it reaches general availability to the public. For our customers who don’t have Microsoft 365 Business Premium but still want Microsoft Defender for Business protections, we are offering two options:
- A standalone Microsoft Defender option
- A comprehensive Amaxra Managed Security option
These options can cost as little as $3 per month/per user and deliver enterprise-grade security for SMBs. No matter what you choose, Amaxra consultants will help ensure our customers can quickly onboard and manage cyber-security at your organization with low operational overhead and tremendous security value.