How Microsoft Defender for Business makes the difference?
Are you ready to move from Microsoft 365 Business Standard to Business Premium?
Microsoft 365 Business Standard combines best-in-class Office apps and powerful cloud services like business-class email, cloud file storage, and Microsoft Teams.
This is a good start for most SMBs, but at a certain stage of maturity new requirements and needs are identified in the business life cycle.
Cyber-security, if not at the top, is among the main aspects that emerge.
This is where Microsoft 365 Business Premium comes in, it includes all the same apps and services plus advanced cyber-threat protection and device management capabilities.
Let’s go through this article to illustrate the key concepts and features of Microsoft Defender for Business than can help you manage and secure your business today.
Product Summary
Description:
Microsoft Defender for Business covers all aspects of protection and offers automated enterprise-grade security to defend you from cyber-threats like ransomware in a cost –effective and easy to use solution.
Defender was previously available only for Enterprise subscriptions, so this is a significant addition from Microsoft to the SMBs offerring.
Microsoft Business Premium (previously Microsoft 365 Business) was already covering the data level with its included security features, now platform level protection capabilities are available thanks to the addition of Defender, at no additional cost.
Who the product is for:
If you are already using Microsoft 365 Business Standard and your users rely heavily on mobile apps to access their business data?
You’ve noticed or have been reported phishing attempts recently or illegitimate spammers reaching your inbox and you want to make sure that you protect your users against these threats?
You have compliance requirements to fulfill for your business to run safely and according to regulations?
You want to keep control over the devices that access company data? Even if you invite external guests to collaborate with your internal teams?
Then Microsoft Business Premium is for you.
Intended use & Summary of features and benefits.
1. Identify
Threat and vulnerability management helps you to prioritize and focus on the weaknesses that pose the most urgent and highest risk to your business. By discovering, prioritizing, and remediating software vulnerabilities and misconfigurations, you can proactively build a secure foundation for your environment.
2. Protects
Attack surface reduction options help to minimize your attack surface (like the places that your company is vulnerable to cyber-attacks across your devices and applications), leaving bad actors with fewer ways to perform attacks.
Next-generation protection helps to prevent and protect against threats at your front door with anti-malware and antivirus protection — on your devices and in the cloud.
3. Detect and respond
Endpoint detection and response provides behavioral-based detection and response alerts so you can identify persistent threats and remove them from your environment.
4. Recover
Auto-investigation and remediation help to scale your security operations by examining alerts and taking immediate action to resolve attacks for you. By reducing alert volume and remediating threats, Defender for Business allows you to prioritize tasks and focus on more sophisticated threats.
What is the product?
If you have an existing Microsoft Defender for Endpoint license within your tenant this will affect the administrative experience, within the Microsoft 365 Defender security portal. When the Defender for Business service is enabled, the following experience will be changed:
- Microsoft Defender for Endpoint P1 will be changed to Microsoft Defender for Business.
- Microsoft Defender for Endpoint P2 will remain in place and Microsoft Defender for Business product experience will not be seen until the Defender for Endpoint P2 license is completely removed from the tenant. At which time Defender for Business experience will be seen.
- Microsoft Defender for Endpoint Servers, or Microsoft Defender for Cloud is active within the Azure tenant. This will also impact the Microsoft 365 Defender admin center and switch it to a more advanced Microsoft Defender for Endpoint Plan 2 product experience. Defender for Business experience will not be seen.
The transition from Microsoft Defender for Endpoint P1 or P2 to Microsoft Defender for Business will not require offboarding and onboarding devices again. Security settings will remain in place.
Why choose the product?
1. Security remains one of the top concerns and most challenging responsibilities facing your small business. With rapid technology adoption and increased remote working, your risk is increasing as your team contends with resource and budget constraints and lack the technical expertise to deal with the ever-evolving threat landscape.
- Increase in ransomware attacks in the past year, with more than 50% targeted at small businesses (Homeland Security Secretary Alejandro Mayorkas, 06 May 2021 ABC report)
- Nearly one in four SMBs state that they had a security breach in the last year (Microsoft commissioned research, April 2022, US SMBs 1–300 employees)
- Average cost of an SMB data breach: $108,000 (Kaspersky Global Corporate IT Security Risks Survey, 2019)
2. Enterprise-grade protection
- Protect your devices against ransomware and other cyber-threats with industry-leading Defender technologies like endpoint detection and response and threat and vulnerability management.
3. Easy to use
- Get up and running quickly with easy, wizard-based on-boarding. Out-of-the box policies and automated investigation and remediation help automatically protect you against the latest threats, so you can focus on running your business.
4. Cost-effective
- Security that just works without compromising budget.
- Available in two flexible plans as part of Microsoft 365 Business Premium, or as a standalone solution for $3 per user per month. As standalone SKU, up-to 300 users for $3pupm* (Entitlement for use on up to 5 devices). Included as part of Microsoft 365 Business Premium, up-to 300 users (Microsoft Defender for Business will roll out to new and existing Microsoft 365 Business Premium customers at launch)
Features
General overview:
- Reduce your vulnerability with a risk-based management approach
- Help eliminate risks by reducing the surface area of attack
- Protect against cyber-threats like ransomware and malware
- Detect and investigate advanced persistent attacks
- Automatically investigate alerts and helps respond to complex threats
Relevant features include:
Increase protection against advanced cyber-threats such as malware, viruses, phishing attempts, malicious links, and more
- Microsoft Defender for Office 365
- Selective wipe from Intune for removing business data from lost or stolen devices
- App protection for Office mobile apps
- Information Rights Management
- Message encryption
- Azure Information Protection
- Attack surface reduction and exploit protection capabilities
- Microsoft Defender Antivirus
- Exchange Online Archiving
- eDiscovery and audits
- Data Loss Prevention
Improve management of mobile devices, tablets, and computers to add security quickly and easily to any devices connected to business data.
- An easy-to-use setup wizard
- Simplified controls for security policy management
- Automatic deployment of office apps
- Automatic install of Office, Windows 11, and
Windows 10 updates - Mobile device management from Intune
- Multifactor authentication
Supporting images, videos, links
Defender for Endpoint Plan 1 vs Plan 2 vs Defender for Business
Defender for Business brings enterprise-grade capabilities of Defender for Endpoint to small and medium-sized businesses. The following table compares security features and capabilities in Defender for Business to the enterprise offerings, Microsoft Defender for Endpoint Plans 1 and 2.
Note: this table compares Defender for Business (standalone) with Enterprise Plans. See Compare 2.
Conclusion
The cyber-security attacks continue to increase and giving enterprise-grade solutions to SMBs is definitely one of the best news for companies with less 300 employees wanting to bring their cyber-security posture to the next level.
We recommend working with a Microsoft Partner to take advantage of all benefits and receive guidance or implementation tailored to your specific business needs.
If you have any questions, or need additional, feel free to book a meeting with us using this link.
Additional Resources
Microsoft Defender for Business Requirements
Subscription: Microsoft 365 Business Premium or Microsoft Defender for Business (standalone). See How to get Microsoft Defender for Business.
Data-center: One of the following datacenter locations:
— European Union
— United Kingdom
— United States
Browser requirements: Microsoft Edge or Google Chrome
Operating system: To manage devices in the Microsoft 365 Defender portal, your devices must be running one of the following operating systems:
— Windows 10 Business or later
— Windows 10 Professional or later
— Windows 10 Enterprise or later
— macOS (the three most current releases are supported)
Make sure that KB5006738 is installed on Windows devices.
Azure AD Roles:
— Security Reader
— or Security Admin
—or Global Admin
Microsoft documentation
Video presentation from March 10th 2022: https://www.youtube.com/watch?v=umhUNzMqZto
How to get Defender for Business: https://docs.microsoft.com/en-us/microsoft-365/security/defender-business/get-defender-business
Tutorials & Simulations in Microsoft Defender for Business: https://docs.microsoft.com/en-us/microsoft-365/security/defender-business/mdb-tutorials?view=o365-worldwide
