Compare security features in Microsoft 365 plans for small and medium-sized businesses
Microsoft offers a wide variety of cloud solutions and services, including several different plans for small and medium-sized businesses. For example, Microsoft 365 Business Premium includes security and device management capabilities, along with productivity features, like Office apps. This article is designed to help clarify what security features, such as device protection, are included in Microsoft 365 Business Premium, Microsoft Defender for Business, and Microsoft Defender for Endpoint.
Got a minute? Please take our short survey about security. We'd love to hear from you!
Use this article to:
- Compare Microsoft Defender for Business (standalone) to Microsoft 365 Business Premium
- Compare Defender for Business (standalone) to Microsoft Defender for Endpoint enterprise offerings
You don't have to have a Microsoft 365 subscription to buy and use Microsoft Defender for Business. Microsoft Defender for Business is included in Microsoft 365 Business Premium, and it is available as a standalone security solution for small and medium-sized businesses. If you already have Microsoft 365 Business Basic or Standard, consider adding either upgrading to Microsoft 365 Business Premium or adding Microsoft Defender for Business to get more threat protection capabilities.
Compare security features in Microsoft Defender for Business to Microsoft 365 Business Premium
Note
This article is intended to provide a high-level overview of threat protection features included in Microsoft Defender for Business (as a standalone plan) and Microsoft 365 Business Premium (which includes Defender for Business). This article is not intended to serve as a service description or licensing contract document. For more information, see the Microsoft 365 licensing guidance for security & compliance.
As of March 1, 2022, Defender for Business is included in Microsoft 365 Business Premium. Defender for Business is also available as a standalone subscription. The following table compares security features and capabilities in Defender for Business (standalone) to Microsoft 365 Business Premium.
| Feature/Capability | Microsoft Defender for Business (standalone) |
Microsoft 365 Business Premium (includes Defender for Business) |
|---|---|---|
| Email protection | Yes - Email scanning with Microsoft Defender Antivirus |
Yes - Exchange Online Protection - Email scanning with Microsoft Defender Antivirus |
| Antispam protection | Yes - For devices |
Yes - For devices - For Microsoft 365 email content, such as messages and attachments |
| Antimalware protection | Yes - For devices |
Yes - For devices - For Microsoft 365 email content, such as messages and attachments |
| Next-generation protection (antivirus and antimalware protection) |
Yes - Microsoft Defender Antivirus is included in Windows 10 and later |
Yes - Microsoft Defender Antivirus is included in Windows 10 and later - Next-generation protection policies for onboarded devices |
| Attack surface reduction (ASR rules in Windows 10 or later and firewall protection) |
Yes | Yes |
| Endpoint detection and response (behavior-based detection and manual response actions) |
Yes | Yes |
| Automated investigation and response | Yes | Yes |
| Threat & vulnerability management | Yes | Yes |
| Centralized management and reporting | Yes | Yes |
| APIs (for integration with custom apps or reporting solutions) |
Yes | Yes |
Compare Microsoft Defender for Business to Microsoft Defender for Endpoint Plans 1 and 2
Defender for Business brings enterprise-grade capabilities of Defender for Endpoint to small and medium-sized businesses. The following table compares security features and capabilities in Defender for Business to the enterprise offerings, Microsoft Defender for Endpoint Plans 1 and 2.
| Feature/Capability | Defender for Business (standalone) |
Defender for Endpoint Plan 1 (for enterprise customers) |
Defender for Endpoint Plan 2 (for enterprise customers) |
|---|---|---|---|
| Centralized management | Yes [1] | Yes | Yes |
| Simplified client configuration | Yes | No | No |
| Threat & vulnerability management | Yes | No | Yes |
| Attack surface reduction capabilities | Yes | Yes | Yes |
| Next-generation protection | Yes | Yes | Yes |
| Endpoint detection and response | Yes [2] | No | Yes |
| Automated investigation and response | Yes [3] | No | Yes |
| Threat hunting and six months of data retention | No [4] | No | Yes |
| Threat analytics | Yes [5] | No | Yes |
| Cross-platform support (Windows, macOS, iOS, and Android OS) |
Yes [6] | Yes | Yes |
| Microsoft Threat Experts | No | No | Yes |
| Partner APIs | Yes | Yes | Yes |
| Microsoft 365 Lighthouse integration (For viewing security incidents across customer tenants) |
Yes | Yes [7] | Yes [7] |
(1) Onboard and manage devices in the Microsoft 365 Defender portal (https://security.microsoft.com) or with Microsoft Intune, managed in the Microsoft Endpoint Manager admin center (https://endpoint.microsoft.com).
(2) Endpoint detection and response (EDR) capabilities in Defender for Business include behavior-based detection and the following four types of manual response actions:
- Run antivirus scan
- Isolate device
- Stop and quarantine a file
- Add an indicator to block or allow a file
(3) In Defender for Business, automated investigation and response is turned on by default, tenant wide. If you turn off automated investigation and response, it affects real-time protection. See Review settings for advanced features.
(4) There is no timeline view in Defender for Business.
(5) In Defender for Business, threat analytics are optimized for small and medium-sized businesses.
(6) See Onboard devices to Microsoft Defender for Business.
(7) The ability to view incidents across tenants using Defender for Endpoint is new!
Next steps
Atsiliepimai
Pateikti ir peržiūrėti atsiliepimą, skirtą