“A lot of the cost and value you see from these tools hinges on your ability to use them efficiently so that they deliver those returns day after day.”
In addition to familiarizing yourself with Microsoft Defender for Endpoint (formerly Microsoft Defender Advanced Threat Protection) capabilities, it’s important to create a detailed IT asset inventory before deploying the tool. Microsoft has done a great job of extending Microsoft Defender for Endpoint to cover different Linux distributions and macOS so that you can use it to protect a larger slice of your environment. You have to know what you are trying to protect, though, which means knowing which server operating systems you have, which firewall technologies are used in your environment, which devices your users have, and what their operating systems are. In each case, you must know what you have, how Microsoft Defender for Endpoint supports it, and what functionality is available to you in each instance.
You must also work with the key stakeholders throughout the organization whom the deployment of Microsoft Defender for Endpoint will affect. Microsoft has made the tools in the Microsoft 365 Defender suite easy to deploy quickly, but too many deployments end up with gaps or delays because of a lack of stakeholder involvement. This gap causes holes in the holistic view that Microsoft Defender for Endpoint delivers.
This is an excerpt from 7 Experts on Implementing Microsoft Defender for Endpoint. This eBook was generously sponsored by BlueVoyant.