As easy as ATP – which Microsoft protection product do I need?

Microsoft has been at the forefront of securing data for some time, and has always offered this service to its customer base as a way of sharing the tools it’s developed to a wider audience.

To this end, Microsoft is in quite a unique position, as the services it provides (Office 365, Azure, and Windows 10 to name a few) are all entirely its own, meaning its people already know the background of the products they’re creating the security measures for. This isn’t a situation where you sometimes find third-party providers needing to partner with someone to provide a security layer – this is the same company, which brings a nice added bonus to the offering itself.

The most popular of these security add-ons is Advanced Threat Protection (ATP). This does exactly what it says on the tin (which is the same for most Microsoft add-on SKU names – the hint is in the name) and offers an advanced level of protection for the product set you’re purchasing it for. The issue is there are several different variants of ATP available on the market, so knowing what each one does is vital for making sure you purchase the right protection for your business.

I’m going to break these down into available options and explain what each one does in the hope I can help you untangle some of the queries you may have when looking into the world of ATP.

There are three main types of ATP available from Microsoft:

1. Office 365 Advanced Threat Protection
2. Azure Advanced Threat Protection
3. Microsoft Defender Advanced Threat Protection

Office 365 Advanced Threat Protection

This is Microsoft’s most popular option out of the trio, and protects email and data across the Office 365 stack (Exchange, OneDrive, Teams, SharePoint). It’s essentially an anti-malware tool that predicts what would happen if a user were to click on an attachment or file in an email. If it detects anything suspicious or dangerous the file in question will be blocked, reducing the likelihood of human error.

But it’s not just a standard anti-malware tool. It also protects against malicious URLs being sent, as well as phishing attacks which, more so then ever, are becoming one of the most common ways of illegally accessing company data.

Azure Advanced Threat Protection

Azure ATP is focused more on identity-level protection than it is on files. Its main goal is to alert you to anything suspicious coming through your Active Directory domain controllers. It will block the most common of attempts (“pass the hash hacking”) whilst also looking at anything outside of the user’s standard behaviour, creating information which is then investigated.

Microsoft Defender Advanced Threat Protection (MDATP)

Finally, the focus of MDATP is to protect your endpoints, be that your devices or servers. Microsoft has released this as a way of ensuring the migration to Windows 10 is as safe as possible, as this product can even be used on older operating systems.

It should be noted that MDATP is most effective whilst running in a Windows 10 OS, as it works with other features from within the operating system to give you robust endpoint protection. Up until recently, this offering was only available from inside the Microsoft 365 E5 suite, but has now been released as a standalone offering and therefore can be purchased on its own if required.

Microsoft Defender ATP is great to have alongside its Office 365 and Azure counterparts. Using this three-pronged approach to ATP, you know you’re covering every possible avenue of intrusion, be it file, credential, or device.

If you would like to discover more about Microsoft’s ATP offerings, please speak to your Account Manager, or get in touch with the team.