Microsoft Defender for Business targets gap faced by many small businesses

Furnishing cybersecurity for remote employees — without affecting their productivity — has become a top priority for business owners.



A report from Forrester Consulting indicates that around 60% of small- and medium-sized businesses do not believe they are equipped to maintain an effective cybersecurity defense, due to insufficient resources and lack of specialized security skills.



The key reason cited for feeling unequipped, though, is the widespread adaptation of hybrid and 100% remote work arrangements. 

Meanwhile, the high cost of cybersecurity software routinely used by large enterprises presents a budget challenge for SMBs. But a new product from Microsoft called Defender for Business promises to fill this gap.



Targeted at organizations with fewer than 300 employees, the software evaluates threats and vulnerabilities so SMBs businesses know how to improve cyberthreats, at a relatively affordable price.

Microsoft’s Defender for Business purports to cater to the needs of smaller businesses by empowering them with the following security capabilities:

• Real-time monitoring.

Defender for Business lets you monitor and control your native antivirus protection and receive security information from across its cloud properties. The software automatically investigates security threats to protect your company’s devices from ransomware, malware, phishing and other types of cyberattack.

• Auto-detection and remediation of threats.

Defender offers security insights particular to your business and corresponding recommendations. It also provides IT administrators with a dashboard view of anomalies and alerts that enable them to lock potentially compromised devices. Additionally, the software keeps a forensic version of workstation processes on the cloud so it can be reviewed later to determine what action(s) caused an alert.

• Simplified device onboarding.

IT professionals can more easily onboard new devices and choose between automatic or manual onboarding with Microsoft Defender for Business.

As employees these days may use a variety of different devices to complete work-related tasks, Defender extends protection across most major platforms, including Windows, macOS, iOS and Android, as well as against the most prevalent cybersecurity threats to hybrid work environments. 

Who can access Defender for Business?

Microsoft Defender for Business is now included in Microsoft 365 Business Premium. Firms without a preexisting license can add the product for a fee of $3 per user.

The product’s integration with Microsoft 365 Lighthouse also allow IT administrators to identify and track security incidents or view and manage alerts across multiple customers onboarded into Lighthouse at the same time. 

IT teams can manage five types of cybersecurity protection with Microsoft Defender for Business: 

1. Next-gen antivirus and anti-malware

– The product’s antivirus and anti-malware protection helps secure all company-owned and personal devices used by employees connecting to the business’s Microsoft 365 apps and services. Thus, this cloud-powered software protects your organization’s apps, services and data irrespective of employee location.

2. Attack surface reduction

– An “attack surface” refers to the ways through which a hacker can gain unauthorized access to a business network, such as software code on a device that could be exploited to access company data.



The software uses automated ransomware mitigation, network firewalls, app control and more to detect cyberattacks and apply reduction rules to systems that your employees use anywhere on the business network. 



The product’s ransomware mitigation is likely SMBs’ most coveted feature, due to a threefold increase in ransomware attacks in the past year, with over 50% reaching small businesses, according to Forrester.

3. Threat and vulnerability management –

With the help of Defender software, SMBs can proactively detect vulnerabilities and weaknesses in the network, and then prioritize fixing them based on urgency of risk.



From the Microsoft 365 administrator panel, SMBs can access automated identification, prioritization and remediation of software vulnerabilities and misconfigurations in the IT environment. The dashboard also provides an overall exposure score of the risks for your devices that make your apps, operating system, network, accounts and security controls vulnerable.

4. Endpoint detection and response –

An endpoint is any device that is physically an “end point” on a network. Laptops, desktops, mobile phones, tablets, servers, and virtual environments may all comprise an endpoint. Microsoft Defender’s EDR protection uses behavioral-based technology to detect circumspect activity, then prompts IT managers on how they should respond. Strengthened with artificial intelligence, this EDR technology protects data that is stored on devices and in the cloud. 

5. Automated investigation and remediation –

The product helps SMBs by constantly monitoring the IT environment, collating all cybersecurity alerts automatically and then immediately undertaking the necessary steps to resolve certain issues. This trims the overall cybersecurity alert volume seen by busy IT professionals, while simultaneously empowering them to mitigate more sophisticated threats.