By: Kharmela Mindanao on December 14th, 2021
What is Microsoft Defender for Office 365? (A Beginner’s Guide)
Choosing the best Microsoft products can feel like blindly grabbing socks from your closet and hoping they match. With all the options available, how do you decide which product is the best for your company?
When it comes to security, you don’t want to have a product that underperforms your business. Or doesn’t help with the problem you have.
At Intelligent Technical Solutions, we know choosing the best security program is important for small businesses. So we’ve prepared an article that talks about Microsoft Defender for Office 365.
Specifically, we’ll tackle the following points:
- The definition of Microsoft Defender for Office 365
- The features & plans of Microsoft Defender for Office 365
- A quick comparison of Microsoft Defender for Office 365 with other Microsoft Defender products
Once you know more about each point, you’ll have an easier time choosing which Microsoft Defender product you can use for your business.
What is Microsoft Defender for Office 365?
Microsoft Defender for Office 365 (formerly known as Office 365 Advanced Threat Protection) is a security service designed to protect you when you use Office 365.
According to Microsoft, it’s a cloud-based email filtering service that protects your business from threats to email & collaboration tools.
Essentially, Defender for Office 365 targets threats that can be coursed through your use of Office 365. It’s connected to a database from Microsoft that analyzes your correspondence and evaluates the likelihood of a link or file being a virus.
Microsoft Defender for Office 365 Features
This program primarily focuses on threat prevention, investigation, and response in the Office 365 workspace. Defender for Office 365 comes with different plan levels that are often bundled in the kind of Microsoft subscription you have.
However, it’s possible to upgrade to a different Defender for Office 365 plan separately. This is great for businesses that have specialized needs.
There are two possible plans for Defender for Office 365: plan 1 and plan 2.
Defender for Office: Plan 1
Plan 1 for Defender for Office is a step up from the standard EOP (or Exchange Online Protection). EOP focuses on basic threat detection and prevention, while Plan 1 builds on EOP features by expanding on threat prevention and detection.
The main features added on in Plan 1 are:
1. Safe Attachments
Defender can now quickly scan the attachments in communication between the users of your organization.
2. Safe Links
Defender can use Microsoft’s database to test links in a controlled environment and see any suspicious activities.
3. Safe Attachments for SharePoint, OneDrive, and Microsoft Teams
Plan 1 protects SharePoint, OneDrive, and Microsoft Teams attachments, unlike EOP, which has more limitations.
4. Anti-phishing in Defender for Office 365 protection
There is an additional layer of protection against phishing. Defender points out or quarantines communication that suspiciously asks for you to provide information.
5. Real-time detection
The ability to see threats in real-time allows for SIEM (Security Information and Events Management) Integration.
Defender for Office: Plan 2
Plan 2 of Defender for Office 365 contains all the features of Plan 1 & EOP. It expands on the previous plans by focusing on security education, threat investigation, threat response, and automation of security protocols.
The main additional features of Plan 2 are:
1. Threat Trackers
Threat tracking allows you to see the path of a threat across your organization. It can provide invaluable insight into possible security breaches in your system.
2. Threat Explorer
Threat explorer provides a deeper analysis of threats in real-time against people in your organization.
3. Automated investigation and response
Automated threat detection helps free up the time of your IT personnel to focus on dealing with the threats that need human judgment.
4. Attack simulation training
To highlight the thrust for a holistic security program, Defender for Office Plan 2 includes training. Attack simulation training helps staff have a proactive role in managing their security.
Defender for Office 365 vs. Endpoint vs. Identity vs. Cloud Apps
The problem with Defender for Office 365 is distinguishing it from the other Microsoft Defender products, which can seem confusing at first glance.
Think of Defender products like a hierarchy.
At the top is Microsoft Defender. This is the integrated dashboard that has the following services:
- Defender for Office 365
- Defender for Endpoint
- Defender for Identity
- Defender for Cloud Apps
These products were formerly called other names but have been standardized in recent months by Microsoft.
Each Defender product has its own specialization.
Microsoft 365 Defender architecture
Defender for Office
Defender for Office focuses on threats that come through your use of Office 365. This is best for companies that rely on Office 365.
Defender for Identity
Defender for Identity (formerly Defender for Azure) leverages user behavior and active directory analysis to see possible identity-based security threats.
Defender for Endpoint
Defender for Endpoint specializes in endpoint threats. It uses AI (Artificial Intelligence) to evaluate threats to your system.
Defender for Cloud Apps
Defender for Cloud Apps (formerly known as Cloud App Security) focuses on analyzing the security of the deployed cloud apps in your organization.
Ready to implement Microsoft Defender for your business?
All in all, Microsoft Defender is a powerful tool to protect your company’s data. Defender for Office 365 specializes in protecting your users when they use Office 365 programs.
It’s best to have this if your organization relies heavily on Office 365 for your employees. However, if your business isn’t reliant on it, or is too small to benefit from a plan, you can use the standard protection offered by Microsoft.
Defender for Office focuses on threat prevention, detection, response, and automation. It has two plans – Plan 1 and Plan 2 – where you can choose the level of security you need for your business.
Plan 1 specializes in threat detection and prevention by having safe attachments, safe links, anti-phishing analysis, and real-time detection.
Plan 2 has these features and adds to them by providing tools for automation and education such as threat tracking, threat explorer, automated investigation and response, and attack simulation training.
Making the correct choice of where to put your company resources is no easy task. And ITS, as a Microsoft Gold partner, specializes in helping clients get the best Microsoft products that fit their company.
And thus, we know that having an idea of what Microsoft products are available isn’t enough to get a holistic security setup for your IT infrastructure. Learn more about protecting your company by reading “How to Protect Your Company’s Security Network.”