You may have noticed the deep integration between endpoint security and endpoint management, both in your changing requirements and within the Microsoft 365 product experience. Microsoft Endpoint Manager now includes a single pane of glass for all endpoint security actions, such as endpoint configuration, deployment, and management. In this post, I’ll go deeper into the evolution of unified endpoint security and how Microsoft 365 keeps you ahead in the modern cybersecurity landscape.
The Microsoft Endpoint Manager team is working with our Microsoft 365 customers every day, and we consistently hear from them that there's a clear division between security and IT teams.
Security teams aim to protect their organizations from malicious actors, and they employ specific tools and procedures to help them achieve protection.
The goal of IT teams is end-user productivity and helping users to be efficient and effective in their roles.
In many organizations these are disconnected objectives that can cause friction between teams. Security teams are deploying extra agents, slowing down boot times and impacting end-user experience . IT teams aren’t patching fast enough or securing their operating systems strongly enough, and they are deploying vulnerable applications.
It can seem as if there’s a brick wall between these teams, and that brick wall can interfere with effective enterprise security management.
The Microsoft approach to security and IT management is different. With security and management integration across the entire Microsoft 365 product suite, we’re breaking down the brick wall between security and IT to help make both teams more effective for your organization.
With many customers moving to Microsoft Defender Advanced Threat Protection (ATP) as their primary endpoint security solution, we identified the need to provide dedicated security administrator experiences.
A security administrator can work for the IT organization or the security organization, and day-to-day responsibilities include defining IT security policies, deploying security configuration, and running vulnerability assessments.
Customers who purchase Microsoft 365 get best of breed security and management products with Microsoft Defender ATP and Microsoft Endpoint Manager, both of which have deep native integration into Windows 10 and Office 365. There are no extra agents to deploy, no servers to stand up, and no additional licenses to purchase.
By using Microsoft Endpoint Manager and Microsoft Defender ATP, you can integrate endpoint management and endpoint security in a unified Microsoft 365 experience. This gives you powerful tools to help protect all your endpoints against today’s sophisticated cyberthreats.
Security teams appreciate the integrated benefits, including:
IT teams appreciate:
Along with these benefits, our integrated approach introduces several security and IT innovations, including:
As our teams continue to innovate, we’re always looking for new ways to delight our customers with unique security and IT integrations.
Earlier this year we announced the Endpoint security node in Microsoft Endpoint Manager.
You can browse to the Endpoint security node directly by bookmarking https://aka.ms/EndpointSecurity, access it from Microsoft Endpoint Manager (https://endpoint.microsoft.com) under Endpoint security, or access it from the Microsoft Defender Security Center (https://securitycenter.windows.com) under Configuration Management.
The Endpoint security node is designed as a one-stop-shop for all tasks the security administrator persona needs to perform. This includes management of antivirus programs, firewalls, disk encryption, threat protection, identity protection, conditional access policies, security baselines, and more. Users added to the Endpoint Security Manager role in Endpoint Manager or the Security Administrator role in Azure Active Directory are granted permissions to manage endpoint security.
Security administrators can view enterprise managed devices and device configuration, and they can perform remote actions like updating security definitions or rebooting endpoints.
Security baselines provide IT and security admins a starting point to secure Windows 10 devices. The Windows 10 security baseline provides a native mobile device management (MDM) implementation of the Microsoft defined Windows security baselines, and the Microsoft Defender ATP security baseline offers best practice configuration for Microsoft Defender ATP.
Security tasks help IT and security admins work with their SecOps counterparts on app and configuration vulnerabilities. SecOps engineers can raise security flags to notify IT of apps that need to be updated and include the list of impacted devices without leaving their endpoint security console.
Endpoint security policies provide security admins granular control over security configurations. Security administrators can manage:
We’ve even included the Device compliance and Conditional Access nodes into the Endpoint security node, so security administrators can set access control rules for their cloud services based on their endpoint security posture.
We’re committed to building out even richer security administrator experiences in the future, including admin actions, reporting, and intelligent configuration—and expect to add value each month. New features this month include:
Our endpoint security experiences aren’t limited to Windows 10. Microsoft Endpoint Manager is a leader in cross-platform device management, and endpoint security is no different.
Microsoft Defender ATP Antivirus, FileVault disk encryption, and Firewall configuration are available for macOS devices that are managed by Endpoint Manager. Device compliance is available for all supported platforms including mobile.
We’re excited to extend our security and management experiences to mobile devices. In preview, we support device compliance signals from Microsoft Defender ATP for Android. To join the preview, see How to test Microsoft Defender ATP (preview) based device compliance on Android.
We understand that security management is only effective if every endpoint has coverage. Our endpoint security experiences allow you to target security configuration for devices that are managed in three ways:
With these investments in cross-product integration, dedicated security administrator experiences, cross-platform support, and complete enterprise endpoint coverage, we believe Microsoft 365 customers are positioned to provide the security posture they require while empowering every employee to achieve more.
To learn more about the Endpoint security experience, see our technical documentation at https://docs.microsoft.com/mem/intune/protect/endpoint-security.
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.