(It should be noted that Microsoft has been improving Microsoft Defender since its inception. When it was first included with Windows XP, Defender offered minimal protections, at best. In its present state, it is a very robust solution that can be scaled up. So, don’t throw this one out based on your experience in earlier years.)
Microsoft Defender ATP is Microsoft’s endpoint protection product, designed to provide real-time protection against threats such as viruses, malware, spyware, and trojans. On top of that, it is cross-platform and supports macOS. It includes add-ins for SQL and Exchange.
With the advent of the Covid-19 pandemic, Microsoft increased the push for its non-enterprise business Malware Security solution, marketing it as the product to protect assets as companies have their employees work from home.
WFH in 2021 adds just as much risk as it did last year.
It used to be that only the occasional employee worked remotely, and those employees often had corporate-issue machines with tight corporate security policies and controls. In the rush to get teams working remotely last year, however, many organizations allowed employees to use personal laptops and other devices, making the transition much easier and more expedient for them, not to mention saving massive amounts of money in unbudgeted hardware purchases. The net effect is that homebound users and their computing equipment are much more diverse in 2021 than in pre-lockdown times, a factor which has muddied many of the business-centric solutions companies previously had in place. There are more people, working in more places, on more kinds of machines and networks than ever before, and those machines are often also used for non-company purposes, such as social media engagement, unmonitored app downloads, and web browsing. This tremendously increases the risk of organizations becoming the victim of a malware attack.
ATP is accommodating with a new endpoint licensing model.
To address this increased risk, the Microsoft Defender ATP solution, which is conveniently built into Windows, has introduced a simplified licensing model allowing multiple endpoints to be added for each user, from phones and tablets to PCs and Macs. Effectively, this gives companies a way to roll out, apply, and monitor security and compliance policies. Even better, each of these endpoints then has tools to remediate breaches from threats.
Microsoft has structured protection in 3 areas:
- Company-supplied Equipment
Company-supplied equipment is the traditional responsibility of a company’s IT department, and security and governance policies should already be in place. Microsoft Defender ATP can be easily rolled out through the existing infrastructure to corporate-owned Windows- and Mac-based systems.
- Remote Access (VDI)
Remote access resources, even if they now need to be leveraged to a much greater extent, can be easily secured through Microsoft’s AD integration with all its layered security, and remote traffic is protected by using VPNs and encryption.
- User-supplied Equipment (BYOD)
Home computers running Windows already have Windows Defender built-in and, using the tools Microsoft provides, they can be enrolled under the corporate security umbrella, while users’ tablets and mobile phones can be enrolled in Mobile Device Manager. Microsoft does offer documentation and assistance in planning a large deployment/enrollment of non-corporate owned devices.
While the product is extremely customizable, Microsoft already has baseline security recommendations to start with for its initial deployment. Since each organization has its own risk profile, priority data sets to protect, and compliance requirements, you will want to review those recommended settings and adjust them to your requirements.
In summary, Microsoft Defender is an effective product to include in today’s work environment. Now that companies have discovered the benefits of having users work remotely (lower overhead, higher efficiency and, many times, less stress), it is promising to find that security does not have to be sacrificed. Given the ongoing state of the pandemic and the fact that many have embraced WFH as a permanent solution, it’s time to look at leveraging options within a platform most people are already using to achieve greater security in an ever-changing threat landscape.
If you would like to talk to someone who can help you with implementation and documentation of Microsoft ATP, you can request a consultation with a TRUE professional.