Rebecca Wynn, Global CISO & Chief Privacy Officer

 “The Microsoft 365 Defender tools provide a holistic view of what is happening in the environment.”

When deciding where to begin with Microsoft 365 Defender, the primary objective is to reduce risk as quickly and efficiently as possible. There are a couple of ways to look at that. One is to identify what the greatest impact of an attack would be, and then protect against that risk first. The other is to look at where your greatest exposure is and protect that first.

Most organizations think in terms of reducing exposure first, and the best place to start is with users. The quickest way to reduce user exposure with the Microsoft 365 Defender tools is to begin with Microsoft Defender for Office 365. This tool protects Microsoft Outlook email, OneDrive, SharePoint, and Microsoft Teams—the places where most users are exposed daily. Implementing this tool is easy, and its cost is based on the number of Office 365 licenses you have.

As you prepare to roll out these tools, first review the documentation. Microsoft does a good job of providing online videos and documentation about how to use the products. The documents support not only security and compliance professionals but also administrators. Another important step is to take a thorough IT asset inventory. You need to understand the types of systems you have, where they are, and the networking devices in use—all elements that affect your use of the security tools. Finally, talk to the core stakeholders in the organization’s IT systems. The success or failure of your implementation depends on their support.



This is an excerpt from 7 Experts on Implementing Microsoft 365 Defender.  This eBook was generously sponsored by BlueVoyant.