Microsoft Defender for Office 365
June 05, 2024
Microsoft Defender for Office 365
Score 8 out of 10
Vetted Review
Verified User
Overall Satisfaction with Microsoft Defender for Office 365
In our company of ~2500 users, we use Microsoft Defender for Office 365 on a daily basis, or rather, every minute of the working day. This ranges from monitoring Microsoft Defender for Office 365 for Identity sensors and alerts, to managing blocked/allowed senders, removing email threats that got delivered to users, isolating high-risk devices, releasing emails from quarantine, and much more. Microsoft Defender for Office 365 also gives us insights of vulnerable software within our environment on servers and normal workstations, missing KB' for various CVE's, Alerts for suspicious activity or applications, as well as recommendations and possible solutions for other vulnerabilities found within our network. It integrates nicely with the rest of our domain applications, and we have automated sentinel alerts which triggers for various types of events that one needs to monitor. We have recently implemented MDI which is part of the offerings, and found it to be very useful in terms of monitoring logs and events, and sending alerts to the list of people specified in order for action to be taken. Features that are also very important include Company Secure Score, and exposure score, which provides you with detailed stats and analysis to see trends and do reporting on using PowerBI.
Pros
- Device status monitoring
- Reporting
- Vulnerability management
- User activity monitoring
- Threat monitoring
- Threat alerts
Cons
- Improvements can be done on the dashboard side, where certain simple features aren't available
- Even though date settings are configured correctly, I would occasionally still find a 2 hour difference between event times (actual local and event time on the dashboard)
- Another annoyance is where in some cases, actions can only be performed on 100 items at a time, causing huge frustration when there are thousands of items.
- One of the main issue, not just related to Microsoft Defender for Office 365, but all Microsoft products, is that they will make changes in the back-end without notifying us as customers, which in the past has caused things to stop working, only to later find out that Microsoft made changes on their side.
- Only 1 user has been compromised (3 years ago) since implementation, so ROI is good as we haven't had ransomware cases.
- Certain subscriptions or features, depending on your license is a bit costly
- With alerting configured the way we have done, incidents and critical events can be contained before causing catastrophic damages
They are not entirely in the same category, or have the same functionality, but before we had Microsoft Defender for Office 365, the only security we had was in the form of Zscaler products, and filtering and inspection, etc done by our service provider which was Orange Business Services at that point in time. However, I'm sure this stacks up very nicely amongst the others out there.
Do you think Microsoft Defender for Office 365 delivers good value for the price?
Yes
Are you happy with Microsoft Defender for Office 365's feature set?
Yes
Did Microsoft Defender for Office 365 live up to sales and marketing promises?
Yes
Did implementation of Microsoft Defender for Office 365 go as expected?
Yes
Would you buy Microsoft Defender for Office 365 again?
Yes
Comments
Please log in to join the conversation