Microsoft Defender for Endpoint finally gets this important feature

Businesses will now be able to use Microsoft Defender for Endpoint to secure their unmanaged endpoint devices. 

First announced in a public preview several months ago, the new capability gives Defender for Endpoint users visibility over unmanaged devices, which Microsoft argues pose the greatest risk to a corporate network’s security, especially in the new hybrid work environment.

“The riskiest threat is the one you don’t know about. Unmanaged devices are literally one of your weakest links. Smart attackers go there first,” said David Weston, Microsoft Director of Enterprise and OS Security.

• We've put together a list of the best endpoint protection software
• Here's our choice of the best malware removal software on the market
• And, these are the best firewall apps and services

Eye on your realm

Compromised unmanaged devices have been used in the past as springboards to launch broader attacks, such as the Equifax breach, which can be traced back to an unpatched vulnerability on an internet-facing unmanaged server. 

Microsoft further drives home the point of reigning in unmanaged devices by leveraging on its survey from October 2020 that revealed that users are 71 percent more likely to be infected on an unmanaged device.

With the new capability, Defender for Endpoint will be able to sniff out unmanaged workstations, servers, and mobile endpoints (Windows, Linux, macOS, iOS, and Android) that haven’t yet been onboarded and then secure them.

Furthermore, the new capability also discovers network devices, such as routers, firewalls, VPN gateways and adds them to the device inventory using periodic scans.

One of the interesting features of Defender for Endpoint’s new capabilities is the built-in logic that can differentiate between corporate and personal networks to ensure it doesn’t accidentally add your private devices not controlled by the organization to its list. 

• Protect your devices with these best antivirus software