In its bid to further bolster endpoint protection (opens in new tab), the latest public preview of Microsoft Defender for Endpoint can now be used to protect unmanaged devices as well.
In a blog post, Microsoft reasons that it worked on the new functionality as the Bring Your Own Device (BYOD) paradigm has taken on new meaning in the new hybrid work environment.
"The riskiest threat is the one you don't know about. Unmanaged devices are literally one of your weakest links…With work-from-home, the threat has grown exponentially, making discovering and applying security controls to these devices mission critical," says David Weston, Microsoft's director of enterprise and OS security.
- Check our list of the best firewall apps and services (opens in new tab)
- These are some of the best disaster recovery services (opens in new tab)
- Here's our choice of the best malware removal (opens in new tab) software on the market
Unmanaged no more
Threat actors see a huge opportunity in unmanaged end-user devices as a means to get inside corporate networks. A compromised unmanaged device can be used as a launchpad to unleash broader attacks.
In fact, according to Microsoft’s chief information security officer Bret Arsenault said that users are 71% more likely to be infected on an unmanaged device. It points to the Equifax breach (opens in new tab) that affected well over 100 million users arguing that it originated via an unpatched vulnerability on an internet-facing unmanaged server.
The new unmanaged endpoint discovery is designed to avoid situations like these. The functionality will help customers detect and report upon any device seen on a corporate network. These devices can then be on-boarded and secured by Microsoft Defender for Endpoint.
One of the interesting features of the new functionality is a built-in logic that can differentiate between corporate and personal networks to ensure it doesn’t accidentally show your private devices not controlled by the organization in the inventory list.
In addition to Windows 10 (opens in new tab), Microsoft Defender for Endpoint works across other popular desktop operating systems including Linux (opens in new tab), and macOS (opens in new tab) as well as on portable devices powered by iOS (opens in new tab) and Android (opens in new tab). Furthermore, you can also use it to protect network devices such as routers (opens in new tab), firewalls, WLAN controllers, and others.
- Protect your devices with these best antivirus software (opens in new tab)
Via: ZDNet (opens in new tab)