Microsoft Defender for Endpoint finally gets this important feature

(Image credit: Kingston)

Businesses will now be able to use Microsoft Defender for Endpoint to secure their unmanaged endpoint devices

First announced in a public preview several months ago, the new capability gives Defender for Endpoint users visibility over unmanaged devices, which Microsoft argues pose the greatest risk to a corporate network’s security, especially in the new hybrid work environment.

“The riskiest threat is the one you don’t know about. Unmanaged devices are literally one of your weakest links. Smart attackers go there first,” said David Weston, Microsoft Director of Enterprise and OS Security.

Eye on your realm

Compromised unmanaged devices have been used in the past as springboards to launch broader attacks, such as the Equifax breach, which can be traced back to an unpatched vulnerability on an internet-facing unmanaged server. 

Microsoft further drives home the point of reigning in unmanaged devices by leveraging on its survey from October 2020 that revealed that users are 71 percent more likely to be infected on an unmanaged device.

With the new capability, Defender for Endpoint will be able to sniff out unmanaged workstations, servers, and mobile endpoints (Windows, Linux, macOS, iOS, and Android) that haven’t yet been onboarded and then secure them.

Furthermore, the new capability also discovers network devices, such as routers, firewalls, VPN gateways and adds them to the device inventory using periodic scans.

One of the interesting features of Defender for Endpoint’s new capabilities is the built-in logic that can differentiate between corporate and personal networks to ensure it doesn’t accidentally add your private devices not controlled by the organization to its list. 

Mayank Sharma

With almost two decades of writing and reporting on Linux, Mayank Sharma would like everyone to think he’s TechRadar Pro’s expert on the topic. Of course, he’s just as interested in other computing topics, particularly cybersecurity, cloud, containers, and coding.