Highlighting the importance of securing your business during National Small Business Week

It is a common misconception that cyberattacks only threaten large corporations. In reality, 1 in 3 small and medium sized businesses (SMBs) have experienced a cyberattack (1), ranging from phishing schemes to ransomware attacks. The average cost of a cyberattack is over $250K up to $7M (2), which can be a significant financial loss for a small business. This National Small Business Week, we want to highlight product innovations, customer stories, and resources. To help you understand the importance of cybersecurity and discover ways to protect your small and medium business.

Microsoft 365 Business Premium helps you run your business, securely.

Many small businesses do not have a dedicated IT team to manage their security needs. As a result, they need a simple and affordable solution. Microsoft 365 Business Premium combines essential security and productivity capabilities in a solution that is easy to use and cost-effective. It provides layered protection across user identities, devices, email and collaboration apps, and data security.

 

To meet the growing needs of small businesses, we announced AI-powered phishing protection in Defender for Office 365. This helps detect and filter business email compromise (BEC) with 99.5% accuracy. We integrate with some of the top managed detection and response (MDR) providers such as Huntress, Blackpoint Cyber, Chorus Cyber, and ConnectWise MDR. For partners, we introduced the SMB-Verified Solution Status within the Microsoft Intelligent Security Association (MISA). The status highlights purpose-built technology solutions for SMBs and MSPs.

As your security needs grow, Microsoft 365 E5 Security is available as an add-on:

As cyberthreats continue to grow, and as cyber insurance and regulatory requirements evolve, many small businesses are now looking for enterprise-level security. To support the growing security needs, Microsoft now offers Microsoft 365 E5 Security as an add-on for Business Premium. E5 Security brings enterprise-grade protection on top of Business Premium. It gives organizations access to Microsoft’s most sophisticated security technologies. The Microsoft 365 E5 Security suite is cost-effective, saving organizations up to 57% compared to buying each product individually.

 

Microsoft 365 E5 Security adds additional enterprise-grade XDR capabilities to what is already available in Business Premium. Such as:

 

Identity, access, and protection controls:

• Business Premium includes Microsoft Entra ID P1, providing single sign-on, multi-factor authentication (MFA), and device and IP location based conditional access helping SMBs manage user identities and enable access from anywhere.
• Entra ID P2, as part of Microsoft 365 E5 Security, has Entra ID Protection offering risk-based conditional access that helps block identity attacks in real time using behavioral analytics and signals from both user risk and sign-in risk.
• Entra ID P2 also includes ID Governance capabilities to help automate workflows and processes that give users access to resources. With Privileged Identity Management (PIM) companies can provide users with only the minimum privileges needed to accomplish the tasks they're authorized to perform. 
• Microsoft 365 E5 Security has Microsoft Defender for Identity which identifies, detects, and investigates threats for on-premises identities.

Email and Collaboration security:

• Business Premium includes Microsoft Defender for Office 365 P1, which provides anti-phishing and anti-malware defenses, including Safe Links and Safe Attachments for real-time scanning of URLs and files sent via email, Microsoft Teams, OneDrive, and SharePoint.
• Microsoft 365 E5 Security includes Microsoft Defender for Office 365 P2, which enhances the protections in P1. Providing automated investigation and response capabilities, as well as cyber-attack simulation training for both email and Microsoft Teams. Defender for Office 365 now offers end-to-end protection in Microsoft Teams. Organizations can report suspicious Teams messages, leverage advanced threat hunting capabilities within Teams, and gain more control over external organizational communications.

Device Security

• Business Premium includes Microsoft Defender for Business (MDB) which brings AI-powered endpoint detection and response with automatic attack disruption, automated investigation and remediation, across Windows, MacOS, iOS, and Android devices.
• E5 Security includes Microsoft Defender for Endpoint P2 adds advanced hunting, access to threat experts, and 6 months of data retention on the device.
• E5 Security also includes Microsoft Defender for IoT, which helps protect connected devices such as network printers and cameras.

Software-as-a- service (SaaS) security:

• Microsoft 365 E5 Security introduces Defender for Cloud Apps, which helps prevent breaches caused by SaaS app misconfigurations—a common attack vector. Defender for Cloud Apps enables automated and continuous monitoring of SaaS apps to reduce security vulnerabilities and increase compliance by detecting misconfigurations and providing remediation steps for risky configurations.

 

Lean more about Microsoft 365 E5 Security.

 

See Customers in Action:

“It’s valuable that Microsoft 365 Business Premium provides all the native controls for us to implement security benchmarks in audits and dramatically reduce the attack surface area”- JJ Milner, Cloud Architect and Managing Director, Global Micro Solutions 

Acumen Group partnered with Global Micro Solutions, a Microsoft partner, to help implement Business Premium due to increasingly complex mobile device management and security requirements as they scaled.

“As part of our Microsoft E5 license which provides security features such as data loss prevention (DLP) and information labeling, we get just about every app under the sun and the more we delve into it, the more we can use it”- Danielle Brautigan, General and Finance Manager, McGees Property

McGees Property switched to Microsoft 365, moving from on-premises servers and services to the cloud after being hit by a ransomware attack. The attack locked McGee’s employees out of their files for more than four weeks, forcing them to work from personal email accounts.

 

Resources:

At Microsoft, we have created multiple resources to help highlight the importance of cybersecurity and how to get started with Microsoft 365 Business Premium.

 

• Are you a customer? Visit our website to learn more about Microsoft Security solutions for SMBs.
• Are you a partner? Check out our partner playbooks to get started on your SMB managed services journey,– Microsoft 365 Business Premium Partner Playbook and Microsoft 365 E5 Security deck.

 

References:

• [1, 2] 7 cybersecurity trends and tips for small and medium businesses to stay protected, Scott Woodgate. October 31, 2024