MDR Provider Comparison: Should our mid-size company buy Microsoft Defender for Endpoint?

February 11, 2022 Mike Smith

Should our mid-size company buy Microsoft Defender for Endpoint?

Mike continues his (MDR Provider Comparison) series, by addressing this question. He gives 3 questions to ask yourself about your organization, that will help determine if Defender for Endpoint is a good fit for your mid-size business.

Want Mike’s recommendations on the best MDR providers, to help your IT team deploy and manage Defender for Endpoint? Click below and ask him today.

Ask Mike
Mike Smith AeroCom

About Mike

Mike Smith is the Founder and President of AeroCom and has been helping companies with telecom and cloud services since 1999. He has been the recipient of numerous business telecommunications industry awards, including being recognized as one of the top 40 business people in Orange County, CA., under 40 years old. You can also hear him as the host of the popular Information Technology podcast, ITsmiths with Mike Smith. Follow Mike on YouTube, LinkedInReddit and SpiceWorks.

Transcript

Your company is looking into Microsoft Defender for Endpoint to help manage and secure your endpoint devices.

And you’re probably also looking at things like Carbon Black and CrowdStrike, and a lot of other solutions out there. And you’re wondering, “Should we use Microsoft Defender for Endpoint? Is that the best endpoint security solution out there?”

Shortcut

Well, I wanted to make a video and tell you my opinion on this, but before I get started, I wanted to quickly mention, Hey, if you’re interested in finding companies that will help your company deploy Microsoft Defender for Endpoint, don’t Google it. Don’t look all around all over the place. I’m a broker for all the major companies that deploy this solution. Just reach out, email me, call me (714.593.0011), tell me about your company a little bit, and I’ll give you some great recommendations on the vendors you should definitely be quoting to help you deploy Microsoft Defender for Endpoint. More information on that at the end of the video, but I just wanted to drop that in there real quick.

Should your company deploy Microsoft Defender for Endpoint? I have a few questions that you should ask yourself about your company that will help you get to the right answer to that question.

365

The first question is, does your company currently have some type of 365 platform deployed? Meaning, are you currently using Office 365, or are you currently using Microsoft 365? Any of those licenses? Do you have any of those going on? Even better, are you currently using Microsoft 365 E5? Do you have an E5 license out there for all of your users? If that’s the case, then definitely, it’s a screaming yes, because you’re already paying for Microsoft Defender for Endpoint.

But, I know it sounds like a silly question, but I’m just asking, are you using it today? Because, some people will come to me and they’ll say, “Hey, we’re interested in Defender for Endpoint,” but they’re currently using Exchange or Hosted Exchange, or something. They haven’t really deployed a 365 product yet into their company. They’re still a little bit behind the times.

If your answer is yes, if you’re currently using some type of a 365 product today for Microsoft and that’s deployed throughout your whole company, I would say, okay, you’re one step down the road to the answer being, yes, you should deploy Defender for Endpoint. Why? Because, if you already have Microsoft deployed, you’re already paying half the cost of getting there, and you already have it every everywhere, so it’s one application that can do everything. As opposed to CrowdStrike or Carbon Black or any of these other applications, those are separate applications. You’re going to have to run your Office 365 Admin center, plus another application on all of your endpoints and from an administrative standpoint.

If you’re already running 365, that obviously already gives Defender for Endpoint a distinct advantage. That’s my first question that you should ask yourself. Are we currently deploying something like that?

Management Holds The Keys

The second question is, does your company take cybersecurity seriously? Meaning, do the upper ups within your company, are they willing to put out budget money for security? And I asked that question, again, it sounds silly, but some companies are just looking to find an easier way to deploy endpoints and they’re not really sure if their executive team takes security that seriously. If that’s the case, the answer is probably no, you should not deploy Microsoft Defender for Endpoint. Unless your company takes security seriously, you are going to get way too much information poured into you from Defender for Endpoint, telling you about everything that’s going on with all of your endpoints. And you’re going to have to something with that information.

And if your company’s not willing to take that information seriously, you’re just not going to get your bang for your buck with how much you’re going to spend for the security package, the Microsoft 365 E5 security package that comes with Defender for Endpoint. That’s question number two. Does your company take cybersecurity seriously, and are they willing to spend some money on it? Which kind of leads me to my third question, especially if you are a midsize company.

MDR

If you are working for a midsize company, is your company willing to pay a third-party vendor that does manage detection and response, like an MDR provider, to help you deploy Microsoft Defender for Endpoint? The reason I say that is if they’re not willing to pay, it’s probably costs about 10% more than Defender for Endpoint costs, to actually have an MDR service provider help you with it.

And so, if your company is not willing to spend that money, I would say you’re not a good fit for it.

Especially a Mid-Size Company

And the reason why is midsize companies typically have a small IT staff. They’re pretty much almost always understaffed when it comes to IT. And once you deploy a Microsoft Defender for Endpoint, you’re going to get, like I said, a lot of information back. You’re going to get a lot of alerts, a lot of false positives, a lot of data back from that. And, number one, you’ve got to have the time to go through all those alerts and to know what is going on. You’ve got to know what’s going on in the security world, to know what alerts you should pay attention to or not. You got to have the time it takes to track down all those alerts and if there is an incident taking place.

MDR Provider Comparison - should your mid-size company buy Microsoft Defender for Endpoint

If there is some type of a threat going on, do you have time to hunt that threat? Do you have time to get them off of your endpoint without having a lot of time sitting idle on your network or on your endpoint? A lot of that stuff’s going to come at you, unless you have an unlimited budget to hire high-end security professionals for your IT team, which most companies don’t have that.

You’ve got to have help. Otherwise, you might as well not spend the money, because you’re going to get all this information that you’re not going to use and you’re not going to have time to chase it down. You’re going to be using half the tool, and therefore, it’s just not worth the money or the effort to deploy it. But if your company is interested, I would say, yes, absolutely deploy it with an MDR provider.

Sum it up

If your company has some type of 365 today, your company’s willing to invest in security and you’re willing to use an MDR solution in order to help you deploy Defender for Endpoint, I would say, yes, your company should definitely use Defender for Endpoint. Especially, that MDR provider is going to give you, they’re going to use things like machine learning and AI to sift through all the alerts, to get the alerts down to a manageable level.

They’re also going to be able to really have a security professional look at those alerts and know what’s going on in the world and on the internet to know which alerts you should be really paying attention to. And they have the time because they have SOC analysts, SOC engineers on staff, where they can act on those alerts for you immediately while you’re busy doing all the other IT stuff for the company. They can act on it and get those threat actors off your endpoints. If a user has made a mistake, they can go ahead and act on it right away before the damage goes lateral within your company. If the answers to those are yes, absolutely, you should deploy Microsoft Defender for Endpoint, because it’s got a ton of advantages as I’m sure you’ve seen on the internet.

Which MDR Vendors do you quote?

That being said, if you want to know which MDR solutions are going to be the best for your company to quote, again, don’t Google it. Reach out and contact me via email or phone (714.593.0011). I’ve been a broker for 18 years for all these solutions. I know all the major companies that you should be quoting, and there’s a ton of them. There’s no way you can just without any knowledge go pick the right ones to quote. Just contact me, tell me some information about your company. I’ll introduce you to a small handful of companies that you should definitely be quoting. And the nice thing is if you find one of those companies that you like, those companies pay our company a broker fee, so you don’t even have to pay me anything. There’s absolutely no excuse not to reach out and get my advice at the very least. I hope that was helpful. If so, don’t forget to subscribe to the channel so we can stop watching all those commercials that YouTube keeps throwing on my videos. And also, don’t forget to like this video. And I will catch you on the next one.

Ask Mike

Related Content

Tagged with: