With all the issues happening in cybersecurity technology lately, such as CrowdStrike’s software update that caused massive outages worldwide last week, it behooves all organizations to take a serious look at their security stack with an eye toward paring it down to help reduce your threat landscape.
Trustwave has a long track record of de-risking technology transitions with proven methodologies, golden images, and playbooks. Most recently, as part of our launch of a series of Microsoft-related security offerings, including a Managed Detection and Response (MDR) service specifically for Microsoft, we've been working with new clients moving to Microsoft Security. One thing has become crystal clear: all the cybersecurity tools that come with Microsoft E5 licenses may provide clients with the potential for greater savings compared to standalone security tools.
For some companies, security tools are one of the main reasons for adopting the Microsoft 365 E5 license, but for others, security may be an afterthought or a bonus along with the productivity tools that are the main driver for E5. Those folks should take a closer look.
The Microsoft Security suite in the E5 license covers nine distinct categories of security products and dozens of capabilities that any company can benefit from. This chart does a nice job summarizing them all (just scroll down a bit past the various productivity offerings).
Counting Up the Third-Party Tools
If you're paying other vendors for some or all of these security offerings, you can at least consider opting out of those relationships and going with the Microsoft tools you're already paying for under the E5 license, potentially garnering significant savings in the process.
Following is just a sampling of the security tools included in the Microsoft 365 E5 license:
- Identity and access management, including single sign-on, multifactor authentication, and privileged identity management
- Cloud-based security information and event management (SIEM)
- Endpoint detection and response (EDR)
- Data loss prevention
- Information protection, including various forms of data and message encryption
- Data lifecycle management, including data retention policies and management
- Cloud access security broker, including cloud application security
- Secure email gateway
- Endpoint protection
- Anti-phishing
- Mobile device and application management
- Various forms of threat detection, including anti-malware, firewall, IoT, identity, and documents
- E-discovery and auditing capabilities
- Insider risk management
IT professionals of a certain age have long dealt with the decision between "best of breed" and a single-vendor platform approach in various aspects of IT, from networking and enterprise resource planning to collaboration tools and, yes, cybersecurity. Microsoft is making a powerful argument for the platform approach with its suite of security tools that fall under the same license many organizations need to buy anyway for the various Microsoft productivity tools.
In addition to being comprehensive, the suite approach helps to address the stark reality that most companies need more security professionals on staff. There's little question that the best-of-breed approach requires more integration and swivel chair management. Microsoft tools are already tightly integrated and, thus, easier to manage day-to-day.
The Role of Managed Detection and Response
Any security tool is meant to sound an alarm when something doesn't seem right. That's certainly what EDR and SIEM tools do, all day and night. That means you also need trained professionals on hand to review those alerts and separate the false positives from the troublesome ones. It helps if they also have the expertise to tune the systems, so the systems get better over time at doing that job on their own, saving your staff from alert fatigue.
Trustwave has long addressed that issue with its Managed Detection and Response service, which essentially monitors EDR, XDR, and SIEM platforms on behalf of clients. Trustwave Managed Extended Detection and Response (MXDR) for Microsoft extends our MDR offering to include Microsoft Sentinel SIEM and the Microsoft Defender XDR suite. We monitor these tools for threats 24x7 on your behalf, customize and tune your Microsoft systems for optimal performance, and take response actions in Defender XDR to address security incidents before damage is done.
Microsoft 365 E5 license provides significant security value. As a longtime Microsoft Security partner, Trustwave is in a great position to help you maximize the value of your E5 investment.
