Great content delivered right to your mailbox

Thank you! Check your inbox for our monthly recap!

Some managed service providers (MSPs) don’t see the revenue-generating potential of cybersecurity services. They simply treat cybersecurity as just another cost of doing business. A better way to look at it is protection against lost income. MSPs should work with their small and mid-sized business (SMB) customers to prioritize reliable security tools, like those in the Microsoft Defender solution family. And while deploying multiple services is an excellent defense in depth strategy, many SMB customers assume the cost of such a plan is out of their reach.

That is not true. By leveraging the full suite of options available in the Microsoft Defender service family, MSPs can address their SMB customers’ specific needs without using their entire IT budget.

This article explores how the entire family of MS Defender services work, how they make life easier for managed service providers and their SMB customers and lays out all the pertinent plan details, so you understand your options.

What is a defense in depth strategy?

A cybersecurity defense in depth strategy involves deploying multiple layers of security measures. The underlying assumption of this strategy is that no single security measure will catch 100 percent of threats. But layering several 90 or 95 percent-successful security measures one after the other will provide the best possible protection for your customers’ resources. The key resources you can layer protections onto include:

  • Identities—You want to ensure users can access the right resources.
  • Devices—Secure all customer endpoints and all entry points into their servers and devices.
  • Apps—Protect access using SSO, authentication, and authorization measures.
  • Data—And you want to prevent unauthorized access to sensitive company information.

What is the Microsoft Defender solution family?

The Microsoft Defender family of services is more than just antivirus software. Cyberthreats have evolved, and Microsoft has diversified its Defender line of cybersecurity software to get ahead of even the most advanced threats. It provides enterprise-grade protection for your SMB customers’ endpoints, servers, and network infrastructure.

There are four main offerings in the Microsoft Defender solution lineup:

  • Microsoft Defender for Endpoint
  • Microsoft Defender of Office 365
  • Microsoft Defender for Identity
  • Microsoft Defender for Cloud Apps

Microsoft Defender for Endpoint

Defender for Endpoint is specifically designed for preventing, detecting, investigating, and responding to sophisticated threats to endpoint devices on business networks. It includes key capabilities that enable it to stay ahead of even the latest threats.

Endpoint behavioral sensors gather and analyze performance data from an endpoint OS and securely transmit it to an isolated cloud instance of Microsoft Defender you manage for your customer. Cloud security analytics provide valuable insights, threat detection, and recommended responses. Microsoft can also aggregate private, de-identified threat data from around the world to formulate new countermeasures as fast as possible.

Microsoft Defender of Office 365

This is an email filtering service sitting right in your customer’s instance of Office 365. It protects against threats targeting Outlook and Exchange email services and other O365 collaboration tools. It also includes the latest threat investigation and remediation tools for professional security teams in your customer’s organization and your MSP to respond to threats.

Microsoft Defender for Identity

This is another cloud-based Defender service. Formerly known as Azure Advanced Threat Protection (Azure ATP), Defender for Identity monitors on-premise Active Directory services for potential threats. It helps MSPs gather threat intelligence, detect and investigate identity compromises, and respond to them before internal or external attackers compromise sensitive data.

Microsoft Defender for Cloud Apps

One of the primary benefits your SMB customers want from moving to the cloud is connectivity. They want data online and shareable, and their apps and services securely connect to all the internal and external cloud resources available. That can introduce novel security threats, though. That is where Defender for Cloud Apps comes in. It is Microsoft’s Cloud Access Security Broker (CASB) for SMBs.

Defender for Cloud Apps is the gatekeeper for your customers’ data and APIs. It allows the connections you want and blocks those you have not approved. It also monitors user activity in the cloud for suspicious events.

Key benefits of Microsoft Defender for SMBs

The Microsoft Defender family of security solutions includes many benefits for both MSPs and their SMB customers. Some of those of most interest to the SMB market include the following:

Their ease of use

To quickly secure devices, installation can be streamlined by utilizing wizard-driven configuration and pre-activated security policies.


Endpoint security integrates with existing IT and keeps organizations running smoothly without breaking the bank.

Enterprise-grade protection

All devices are protected thanks to next-generation detection and response services.

Benefits of deploying Microsoft Defender for MSPs

Offering Microsoft Defender to clients has numerous benefits for service providers as well.

Revenue generation

With a streamlined security solution, you can offer standardized, higher-margin endpoint security services while reducing operating costs.

Reduced risk

For clients and their devices, AI and automation capabilities simplify monitoring, identifying, and quickly responding to cyberthreats.

Multiclient management

When Microsoft Defender is used with Microsoft 365 Lighthouse, you can track security vulnerabilities across your customer base and streamline responses and remediation.

Which Microsoft cloud subscription plans include which Defender products?

Different Defender for Office 365 plans apply to different Business or Enterprise SKUs. Microsoft Defender for Business is available for SMBs as a standalone protection program, as an add-on, or as part of Microsoft 365 Business Premium. If your MSP already has customers using Microsoft 365 Business Basic or Standard, access to Microsoft Defender is a terrific way to upsell clients to Business Premium to gain access to extra features for device threat protection.

Deliver cybersecurity with an expert partner

As an award-winner Microsoft partner, Sherweb is well-versed in the Microsoft ecosystem and can help your MSP deliver the right solutions for clients and make the most of your Microsoft relationship.

Reach out to our Microsoft experts to start a conversation about Microsoft Defender, watch this webinar for more details about the Microsoft Defender lineup, including relevant incentives to help you earn more, or check out our partner guide for more information about how we can help your MSP business succeed.

Written by The Sherweb Team Collaborators @ Sherweb