Microsoft Defender
31 Topics

Highlighting the importance of securing your business during National Small Business Week
It is a common misconception that cyberattacks only threaten large corporations. In reality, 1 in 3 small and medium-sized businesses (SMBs) have experienced a cyberattack (1), ranging from phishing schemes to ransomware attacks. The average cost of a cyberattack is over $250K, up to $7M (2), which can be a significant financial loss for a small business. This National Small Business Week, we want to highlight product innovations, customer stories, and resources to help you understand the importance of cybersecurity and discover ways to protect your small and medium business.

Microsoft 365 Business Premium helps you run your business, securely.

Many small businesses do not have a dedicated IT team to manage their security needs. As a result, they need a simple and affordable solution. Microsoft 365 Business Premium combines essential security and productivity capabilities in a solution that is easy to use and cost-effective. It provides layered protection across user identities, devices, email and collaboration apps, and data security.

To meet the growing needs of small businesses, we announced AI-powered phishing protection in Defender for Office 365. This helps detect and filter business email compromise (BEC) with 99.5% accuracy. We integrate with some of the top managed detection and response (MDR) providers such as Huntress, Blackpoint Cyber, Chorus Cyber, and ConnectWise MDR. For partners, we introduced the SMB-Verified Solution Status within the Microsoft Intelligent Security Association (MISA). The status highlights purpose-built technology solutions for SMBs and MSPs.

As your security needs grow, Microsoft 365 E5 Security is available as an add-on:

As cyberthreats continue to grow, and as cyber insurance and regulatory requirements evolve, many small businesses are now looking for enterprise-level security. To support these growing security needs, Microsoft now offers Microsoft 365 E5 Security as an add-on for Business Premium.
E5 Security brings enterprise-grade protection on top of Business Premium. It gives organizations access to Microsoft’s most sophisticated security technologies. The Microsoft 365 E5 Security suite is cost-effective, saving organizations up to 57% compared to buying each product individually. Microsoft 365 E5 Security adds enterprise-grade XDR capabilities to what is already available in Business Premium, such as:

Identity, access, and protection controls: Business Premium includes Microsoft Entra ID P1, providing single sign-on, multi-factor authentication (MFA), and device and IP location based conditional access, helping SMBs manage user identities and enable access from anywhere. Entra ID P2, as part of Microsoft 365 E5 Security, has Entra ID Protection offering risk-based conditional access that helps block identity attacks in real time using behavioral analytics and signals from both user risk and sign-in risk. Entra ID P2 also includes ID Governance capabilities to help automate workflows and processes that give users access to resources. With Privileged Identity Management (PIM), companies can provide users with only the minimum privileges needed to accomplish the tasks they're authorized to perform. Microsoft 365 E5 Security has Microsoft Defender for Identity, which identifies, detects, and investigates threats for on-premises identities.

Email and Collaboration security: Business Premium includes Microsoft Defender for Office 365 P1, which provides anti-phishing and anti-malware defenses, including Safe Links and Safe Attachments for real-time scanning of URLs and files sent via email, Microsoft Teams, OneDrive, and SharePoint. Microsoft 365 E5 Security includes Microsoft Defender for Office 365 P2, which enhances the protections in P1, providing automated investigation and response capabilities, as well as cyber-attack simulation training for both email and Microsoft Teams.
Defender for Office 365 now offers end-to-end protection in Microsoft Teams. Organizations can report suspicious Teams messages, leverage advanced threat hunting capabilities within Teams, and gain more control over external organizational communications.

Device Security: Business Premium includes Microsoft Defender for Business (MDB), which brings AI-powered endpoint detection and response with automatic attack disruption and automated investigation and remediation across Windows, macOS, iOS, and Android devices. E5 Security includes Microsoft Defender for Endpoint P2, which adds advanced hunting, access to threat experts, and 6 months of data retention on the device. E5 Security also includes Microsoft Defender for IoT, which helps protect connected devices such as network printers and cameras.

Software-as-a-service (SaaS) security: Microsoft 365 E5 Security introduces Defender for Cloud Apps, which helps prevent breaches caused by SaaS app misconfigurations—a common attack vector. Defender for Cloud Apps enables automated and continuous monitoring of SaaS apps to reduce security vulnerabilities and increase compliance by detecting misconfigurations and providing remediation steps for risky configurations.

Learn more about Microsoft 365 E5 Security.

See Customers in Action:

“It’s valuable that Microsoft 365 Business Premium provides all the native controls for us to implement security benchmarks in audits and dramatically reduce the attack surface area” - JJ Milner, Cloud Architect and Managing Director, Global Micro Solutions

Acumen Group partnered with Global Micro Solutions, a Microsoft partner, to help implement Business Premium due to increasingly complex mobile device management and security requirements as they scaled.
“As part of our Microsoft E5 license which provides security features such as data loss prevention (DLP) and information labeling, we get just about every app under the sun and the more we delve into it, the more we can use it” - Danielle Brautigan, General and Finance Manager, McGees Property

McGees Property switched to Microsoft 365, moving from on-premises servers and services to the cloud after being hit by a ransomware attack. The attack locked McGee’s employees out of their files for more than four weeks, forcing them to work from personal email accounts.

Resources:

At Microsoft, we have created multiple resources to help highlight the importance of cybersecurity and how to get started with Microsoft 365 Business Premium. Are you a customer? Visit our website to learn more about Microsoft Security solutions for SMBs. Are you a partner? Check out our partner playbooks to get started on your SMB managed services journey: Microsoft 365 Business Premium Partner Playbook and Microsoft 365 E5 Security deck.

References:

[1, 2] 7 cybersecurity trends and tips for small and medium businesses to stay protected, Scott Woodgate. October 31, 2024

1.1K Views, 4 likes, 1 Comment

Virtual Conference Focused on CMMC and Microsoft's US Sovereign Cloud
Thursday, February 04, 2021, 08:30 AM – 03:00 PM (CST)

This third installment of the Cloud Security and Compliance Series (CS2) Virtual series is curated for DoD contractors looking to meet cybersecurity regulations, address security threats, and glean best practices for their Microsoft cloud investments. Many previous speakers include Richard Wakeman (Microsoft), Katie Arrington (OUSD), and several CMMC AB board members. Next month CS2 will host Rima Reyes, Dave Jennings and Morne Pretorius of the Teams GCC / GCC High / DoD product group as well as Matt Soseman, Microsoft Sr Architect focused on Microsoft Defender and applications for CMMC. See below for the full set of speakers. Join us for this ongoing informational series to cover best practices for CMMC, DFARS 7012 and the DFARS Interim Rule, NIST 800-171 compliance, CUI and ITAR data management, Audit Preparations, Cloud Management and other security topics.

2.8K Views, 3 likes, 2 Comments

Making the Most of Attack Simulation Training: Dynamic Groups, Automation, and User Education
Learn how to maximize the impact of Attack Simulation Training in Microsoft Defender for Office 365. This guide covers dynamic groups, automation, localization, and reporting to help you build a scalable and effective security awareness program.

Enterprise Grade Protection for Small & Medium Businesses | Microsoft Defender for Business
Specially built for businesses with up to 300 employees, go beyond traditional AV to proactively protect your devices, to help prevent attacks, and respond to sophisticated threats with the newly announced Microsoft Defender for Business.
6K Views, 2 likes, 0 Comments

Microsoft Defender for Identity and CMMC Applications
With Microsoft Defender for Identity and the integration of Azure AD Identity Protection and Cloud App Security, monitoring and alerting can be applied for identities that span both on premises and in the cloud. Learn how Microsoft Defender for Identity uses adaptive built-in intelligence, giving you insights into suspicious activities and events, revealing the advanced threats, compromised users, and insider threats facing your organization. All of this and more can assist in meeting CMMC and DFARS requirements tied to NIST 800-171 / 53. In this video famed Microsoft Security Architect and speaker Matt Soseman (aka.ms/SosemanTV - 6K+ Subscribers) provides this excellent introduction to Microsoft Defender for Identity and how it addresses several key Practices and Domains within #CMMC.

2.7K Views, 2 likes, 0 Comments

Beyond Visibility: Hybrid Identity Protection with Microsoft Entra & Defender for Identity
In a previous blog, we explored how Microsoft Entra and Defender for Identity form a powerful duo for hybrid identity protection. But visibility alone isn’t enough. To truly defend your organization, you need to operationalize that visibility—turning insights into action, and strategy into security outcomes. Let’s explore how to take your hybrid identity protection to the next level.

From Detection to Response: Building a Unified Identity SOC

Security teams often struggle with fragmented signals across cloud and on-prem environments. Defender for Identity and Entra solve this by feeding identity-based alerts into Microsoft 365 Defender and Microsoft Sentinel, enabling:
- Centralized incident response: Investigate identity threats alongside endpoint, email, and cloud signals.
- Automated playbooks: Trigger actions like disabling accounts or enforcing stricter access policies.
- Advanced hunting: Use KQL queries to uncover stealthy attacks like domain dominance or golden ticket abuse.

This unified approach transforms your SOC from reactive to proactive.

Strengthening Identity Posture with Entra ID Protection

Once threats are detected, Entra ID Protection helps you contain and prevent them:
- Risk-based Conditional Access: Automatically block or challenge risky sign-ins based on Defender for Identity signals.
- User risk remediation: Force password resets or MFA enrollment for compromised accounts.
- Policy tuning: Use insights from past incidents to refine access controls and reduce false positives.

This adaptive security model ensures that your defenses evolve with the threat landscape. To learn more about these and additional policy-driven security mechanisms, please visit: Risk policies - Microsoft Entra ID Protection | Microsoft Learn

Least Privilege at Scale with Entra ID Governance

Identity protection isn’t just about stopping attacks—it’s about minimizing the blast radius.
Entra ID Governance helps enforce least privilege by:
- Automating access reviews: Regularly audit who has access to sensitive resources.
- Just-in-time access: Grant temporary permissions only when needed.
- Entitlement management: Control access to apps and groups with policy-based workflows.

By reducing unnecessary access, you make lateral movement harder for attackers—and easier for auditors. To learn more about least privilege, please visit: Understanding least privilege with Microsoft Entra ID Governance | Microsoft Learn

Real-Time Insights with Microsoft Sentinel

Sentinel supercharges your hybrid identity protection with:
- Custom dashboards: Visualize risky users, sign-in anomalies, and privilege escalations.
- Threat intelligence fusion: Correlate identity signals with external threat feeds.
- Data connectors: Stream Entra and Defender for Identity logs for deep analysis and long-term retention.

This gives you the clarity to spot patterns and the context to act decisively. To learn more about Microsoft Sentinel, please visit: What is Microsoft Sentinel SIEM? | Microsoft Learn

Next Steps: Operationalize Your Identity Strategy

To move from visibility to action:
- Deploy Defender for Identity sensors across all domain controllers.
- Integrate with Microsoft 365 Defender and Sentinel for unified threat detection.
- Enable risk-based Conditional Access in Entra to respond to identity threats in real time.
- Implement least privilege policies using Entra ID Governance.
- Use Sentinel for advanced hunting and analytics to stay ahead of attackers.

Final Thoughts

Hybrid identity protection isn’t a checkbox—it’s a continuous journey. By operationalizing the integration between Microsoft Entra and Defender for Identity, you empower your security teams to detect, respond, and prevent identity threats with precision and speed.

435 Views, 1 like, 0 Comments