When considering the Microsoft suite of products, most people have heard the name Defender, as it’s been around since 2005. But what Defender represents has changed considerably since then, and general understanding may well not have kept up.
The original use of the name was with Windows Defender, in itself a redevelopment of Microsoft AntiSpyware back in the days of Windows XP, which in turn was actually just a rebrand of GIANT AntiSpyware after Microsoft acquired that company in 2004. To begin with, it was purely an anti-spyware platform and was not therefore a complete security solution for threats even at that time.
Defender has had a number of redevelopments and improvements over the years
It has of course been through a number of redevelopments and improvements over the last 15 or so years. However, for many the name still just represents a simple, free antivirus application that’s bundled with Windows and generally not good enough when compared to the mainstream security solutions you have heard of. Things have changed though.
Windows Defender has had to adapt to keep up with the pace of cyber threats
Since the birth of Defender the types of threats that devices need to be protected from have changed too. In the early noughties it was anarchic viruses with a simple aim to destroy.
Spyware came next as criminals started to see opportunities to cash in, then an array of others started to follow, with ransomware being the most commonly discussed and most damaging type we think about today.
That meant anti-virus solutions needed to evolve, cover a broader range of threats, and offer a much more rounded set of protection. We see that in what are generally considered ‘Endpoint Protection’ solutions that offer what is known as ‘Detection and Response’ capabilities.
This is different to traditional anti-virus or anti-malware solutions that scan files either periodically or when they’re accessed. Behaviour monitoring looks for actions that may look benign but follow patterns that could represent a range of malicious activities, such as the action of encrypting files or a PC sending out certain types of network traffic.
Microsoft are now market leaders in Endpoint Protection
Big players in the endpoint protection space offer Endpoint Detection and Response (EDR), in solutions like Sophos, BitDefender, McAfee and so on, but usually at premium cost over and above their standard offering. Defender for Business offers all of these as standard, and believe it or not, is one of the best solutions available.
It’s pretty amazing to see just how far ahead of the competition Microsoft are when it comes to Endpoint Protection. When you consider that the core competition Microsoft are being benchmarked against in this space are security specialists (it’s literally all they do), this goes to highlight the significant investment Microsoft are placing into Endpoint Protection, particularly with Microsoft Defender for Business.
See Microsoft’s own blog on the subject here: Gartner names Microsoft a Leader in the 2021 Endpoint Protection Platforms Magic Quadrant – Microsoft Security Blog
Today the brand ‘Defender’ represents a whole suite of security solutions across the Microsoft Cloud. Endpoint Protection is just one component, and that’s the focus of what we’re talking about here.
What is Microsoft Defender for Business exactly?
Well first off, technically Defender for Business is not brand new. Under the skin it’s Defender for Endpoint, which is Microsoft’s enterprise-level endpoint protection platform. This version has pretty much all of the same capabilities but has a simplified configuration process and interface to make it more suitable for smaller organisations.
Microsoft Defender for Business focuses on several areas to elevate security
Threat and Vulnerability Management
Through a simple dashboard, threats and vulnerabilities detected within your organisation can be seen and addressed in real time.
Attack Surface Reduction
The attack surface represents the number of different areas where a device could be attacked. Reducing these better protects devices and networks by providing fewer potential routes in. By blocking certain actions, such as scripts that attempt to download or run files, or even just activities that are not representative of typical daily activities, threats can be prevented before they have the opportunity to embed.
Next Generation Protection
Real-time, cloud delivered protection detects and prevents malware from running on devices. Network protection helps block phishing scams and dangerous website/web content. In addition, the block at first sight feature kills malware processes within seconds.
Endpoint Detection and Response
Defender for Business continually monitors behaviours through telemetry. This goes deep into each device to look for suspicious activities and is able to highlight where a complex threat may be present. When something is found the response capabilities provide options for rapidly responding to and resolving the threat.
Defender for Business provides an enterprise-grade security solution that is cost-effective
So here we have a leading endpoint protection solution that protects against modern threats such as viruses, malware, ransomware and more, with advanced features most mainstream providers charge extra for, included with a license you may already own.
Licensing options available for Defender
By comparison, Defender for Endpoint comes bundled with Microsoft 365 E5 licenses at £48.10 per-user or is available standalone for £3.90 per-user.
This is just the latest benefit included in the Business Premium license that really makes it the essential go-to for organisations with fewer than 300 users. If you’re using Business Standard, take the time to re-evaluate what you’re missing out on and the risk that leaves you facing.
The world of cyber security has changed so much in the last decade. Microsoft have upped their game so that you can too. It doesn’t make sense not to upgrade.
Utilise the investment Microsoft have made to protect your business
Microsoft have built one of the largest and most powerful global cloud environments. It empowers everyone to achieve more by, among other things, taking responsibility for elements of their systems and delivering them ‘as-a-service’. Beyond this though, as we can see, Microsoft have also been recognised as a leading security provider, showing they’re aware they cannot build global-scale platforms without developing solutions to protect the assets businesses place within them.