Microsoft offers security for small businesses

  • May 4, 2022
  • Steve Rogerson

Microsoft has announced general availability of Defender for Business designed to boost small and medium business (SMB) security.

A quarter of small to medium-sized businesses have experienced a security breach in the past year and lack the resources of large enterprises to protect themselves.

Defender for Business brings enterprise-grade endpoint security to SMBs, including endpoint detection and response capabilities to protect against ransomware and other sophisticated cyber threats.

In April 2022, Microsoft surveyed more than 150 small and medium businesses in an online quantitative survey in the USA to understand changing SMB security needs. The survey found that more than 70% of SMBs think cyber threats are becoming more of a business risk. That concern is well-founded with nearly one in four SMBs surveyed experiencing a security breach in the past year.

Despite facing similar risks as enterprises, SMBs often lack access to the right resources and tools, including specialised security staff. Many SMBs still rely on traditional antivirus products for their security. Although 80% of SMBs state they have some form of antivirus product, 93% continue to have concerns about increasing and evolving cyber attacks.

“Microsoft believes in security for all,” said Vasu Jakkal, CVP at Microsoft. “We are proud to further deliver on that vision today. With the general availability of Defender for Business, SMBs will get greater protection with simplified security to help them better protect, detect and respond to threats.”

With Defender for Business, SMBs get multi-layered protection, detection and response, spanning the five phases of the National Institute of Standards & Technology (Nist) cyber-security framework – identify, protect, detect, respond and recover – to protect and remediate against known and unknown threats.

Defender for Business comes with built-in policies to get users up and running quickly. The automated investigation and remediation capabilities help automate the type of work handled by dedicated sec-ops teams, by continuously detecting and automatically remediating various threats.

“Automated investigation and remediation are a huge part of the product,” said Adam Atwell, cloud architect at consulting firm Kite Technology Group. “It’s just happening in the background. Defender for Business makes our security so simple.”

Defender for Business is also included in Microsoft 365 Business Premium, its security and productivity offering for businesses with up to 300 employees. Users can also choose to buy it stand-alone for $3 per user, per month. Additional support for servers is planned later this year with an add-on.

Threat and vulnerability management helps prioritise and focus on weaknesses that pose the most urgent and highest risk to business. Users can proactively build a secure foundation for their environment by discovering, prioritising and remediating software vulnerabilities and misconfigurations.

Attack surface reduction options target places where the company is vulnerable to cyber attacks across devices and applications, leaving bad actors with fewer ways to execute attacks.

The product helps prevent and protect against threats with antimalware and antivirus protection on devices and in the cloud.

Endpoint detection and response provides behavioural-based detection and response alerts so users can identify persistent threats and remove them from their environment.

Auto-investigation and remediation help scale security operations by examining alerts and taking immediate action to resolve attacks. By reducing alert volume and remediating threats, Defender for Business lets users prioritise tasks and focus on more sophisticated threats.