Microsoft Defender for Endpoint (ATP) Vs. Third Party Security
Security Around Office 365 Has Changed Over the Years…
In the face of ever-evolving threats, protecting against phishing, malware, and ransomware is a critical concern for organisations all over the world.
91% of cyber-attacks start with an email, and with over 230 million active business users now using Microsoft Office 365, advanced security for 365 has become a major focus point and a critical piece of the overall security puzzle.
In previous years, the most effective way to protect your Office 365 tenant had been to utilise a dedicated third-party security solution to bolster your defences, with individual solutions offering a range of benefits above and beyond Microsoft’s own offerings.
However, Microsoft has placed a strong focus on security in recent times, and now Microsoft’s own security offerings provide an incredibly powerful alternative without necessarily needing to add another third-party solution into the mix.
What is Microsoft Defender for Endpoint?
Microsoft Defender for Endpoint (formerly known as Advanced Threat Protection, or ATP) delivers preventative protection, post-breach detection, automated investigation, and response for your Microsoft Office 365 environment. It builds on the base-layer foundation of Exchange Online Protection (which is included in any Microsoft 365 license that contains Exchange Online) with functionality that goes far beyond EOP’s reach.
Powerful layers of additional security include proactive screening for unknown “zero-day” threats in real time, checking potential carriers in a secure sandbox environment before they enter the organisation’s perimeter, as well as machine learning and heuristic clustering designed to detect emerging patterns behind threats and risky activity and to help you find potential weak spots.
The combination of EOP and Defender for Endpoint (ATP) has become a strong option for organisations that require full protection, meaning Microsoft is now in the position to rival the best third-party security solutions on the market.
Gartner and Forrester Are Turning Towards Microsoft
Two of the most well-respected industry analytical giants, Gartner and Forrester, are increasingly impressed by Microsoft’s security offerings, and we know this is creating a nervous ripple across the industry as large third-party vendors start to worry about the future of their own solutions.
Gartner names Microsoft as a Leader in its Endpoint Protection Magic Quadrant, and Forrester named Microsoft as a Leader in its Enterprise Detection and Response Wave.
Microsoft Threat Protection also leads in real-world detection in the latest MITRE ATT&CK evaluation, hitting a perfect protection score in one of the industry’s most well-respected independent AV tests. Core to MITRE’s testing approach is emulating real-world attacks to understand whether solutions can adequately detect and respond to them, and Microsoft is consistently hitting results that more than compete with some of the traditional “big-hitters” in the dedicated security space.
How to Compare Microsoft Vs. Third Party?
As an independent IT provider, we’ve worked (and continue to work) closely with a variety of leading premium security vendors over the years, and for this research piece, we looked at the 4 biggest “key players” that provide leading-edge security solutions for Microsoft Office 365 environments.
We’ve grouped these key players together to look at the third-party 365 security space as a whole. Of course, this helps to keep things simple, but it’s mainly because there is actually very little difference between the third-party solutions in terms of the threat protection they offer (in most cases their SLAs are even the same, i.e. 100% anti-virus and 99% spam protection), so the concept of comparing them to Microsoft’s own offering remains the same.
The question of trust appears right away. Every provider promises the same efficacy (there or thereabouts), and yet none of them have a 100% track record in this space: where one solution misses one particular threat, a different solution will miss another. It can be a bit of a futile exercise to try to see whose track record is the “best” when results and level of protection are so similar, but what we can see is the speed at which Microsoft have caught up with (and in some cases even surpassed) the dedicated providers in this area.
It comes down to your preference. Some organisations are keen to “spread the risk” when it comes to security across multiple providers; others trust and rely on Microsoft’s newfound focus on security and cannot justify the extra cost of adding an additional third-party layer.
More than ever before, organisations are spoilt for choice when it comes to truly protecting against evolving threats.
Microsoft have made tremendous “real-world” gains in the past couple of years and now offer a truly competitive security suite that can rival, and even exceed, the very best security solutions on the market. In terms of Microsoft Office 365, no other solution can provide the same depth and breadth of protection (nor of course the level of integration) as Microsoft’s own in-house Endpoint Protection packages. And given that this functionality is included in many of the most common Office 365 and Microsoft 365 packages, it’s getting harder and harder to look past these as the best option for the majority of organisations.
We certainly believe that there are plenty of reasons that third-party vendors will stay in business for some time to come, especially for those organisations with specific concerns about risk management, but it’s hard to ignore the progress Microsoft continues to make, and we expect to see Microsoft’s in-house solutions becoming the “de facto” choice for the vast majority of organisations using 365 in the not-so-distant future.