On Monday, Microsoft Corp. announced the general availability (GA) of the stand-alone version of Microsoft Defender for Business. Defender for Business brings enterprise-grade endpoint security to SMBs, including endpoint detection and response capabilities to protect against ransomware and other sophisticated cyberthreats.
In April 2022, Microsoft surveyed more than 150 small and medium businesses in an online quantitative survey in the U.S. to better understand changing SMB security needs. The survey found that more than 70% of SMBs think cyberthreats are becoming more of a business risk. That concern is well-founded — nearly one in four SMBs surveyed reported experiencing a security breach in the past year.
Despite facing similar risks as enterprises, SMBs often lack access to the right resources and tools, including specialized security staff. Many SMBs still rely on traditional antivirus solutions for their security. Although 80% of SMBs state they have some form of antivirus solution, 93% continue to have concerns about increasing and evolving cyberattacks.
“Microsoft believes in security for all,” said Vasu Jakkal, CVP, security, compliance & identity at Microsoft. “We are proud to further deliver on that vision today. With the GA of Defender for Business, SMBs will get greater protection with simplified security to help them better protect, detect and respond to threats.”
With Defender for Business, SMBs get multilayered protection, detection and response, spanning the five phases of the National Institute of Standards and Technology (NIST) cybersecurity framework — identify, protect, detect, respond and recover — to protect and remediate against known and unknown threats.
Defender for Business comes with built-in policies to get customers up and running quickly. The automated investigation and remediation capabilities in Defender for Business help automate the type of work handled by dedicated SecOps teams, by continuously detecting and automatically remediating various threats.
“Automated investigation and remediation are a huge part of the product,” said Adam Atwell, cloud solutions architect at consulting firm Kite Technology Group. “It’s just happening in the background. Defender for Business makes our security so simple.”
Defender for Business is also included in Microsoft 365 Business Premium, our comprehensive security and productivity solution for businesses with up to 300 employees. Customers can also choose to buy it stand-alone for $3 per user, per month. Additional support for servers is planned later this calendar year with an add-on solution.
Microsoft Defender for Business product features:
- Threat and vulnerability management helps prioritize and focus on weaknesses that pose the most urgent and highest risk to business. Proactively build a secure foundation for your environment by discovering, prioritizing and remediating software vulnerabilities and misconfigurations.
- Attack surface reduction options help minimize attack surface (i.e., places where your company is vulnerable to cyberattacks across your devices and applications), leaving bad actors with fewer ways to execute attacks.
- Next-generation protection helps prevent and protect against threats with antimalware and antivirus protection on devices and in the cloud.
- Endpoint detection and response provides behavioral-based detection and response alerts so that you can identify persistent threats and remove them from your environment.
- Auto-investigation and remediation help scale security operations by examining alerts and taking immediate action to resolve attacks for customers. By reducing alert volume and remediating threats, Microsoft Defender for Business enables customers to prioritize tasks and focus on more sophisticated threats.
Defender for Business and Microsoft 365 Business Premium give partners new opportunities to help secure customers at scale with value-add managed services. Both solutions integrate with Microsoft 365 Lighthouse, which was made generally available on March 1, 2022, so Microsoft cloud service providers can view security incidents across tenants in a unified portal.