In the May 2018 results at the security lab of AV Comparatives , Microsoft Windows Defender Antivirus performed very well. Often seen as a mediocre solution over the years, Microsoft’s solution is stepping to the plate.

But it isn’t just one solution. Microsoft’s answer has to be seen as a holistic approach as it integrates with Office 365 and its other defense layers as the company depicts here:

Physical security

  • 24-hour monitoring of datacenters.
  • Multi-factor authentication, including biometric scanning for datacenter access.
  • Internal datacenter network is segregated from the external network.
  • Role separation renders location of specific customer data unintelligible to the personnel that have physical access.
  • Faulty drives and hardware are demagnetized and destroyed.

Logical security

  • Lockbox processes  for a strictly supervised escalation process greatly limit human access to your data. Learn how to activate Lockbox .
  • Servers run only processes that are whitelisted, minimizing risk from malicious code.
  • Dedicated threat management teams proactively anticipate, prevent, and mitigate malicious access.
  • Port scanning, perimeter vulnerability scanning, and intrusion detection prevent or detect any malicious access.

Data security

  • Encryption at rest protects your data on our servers.
  • Encryption in transit with SSL/TLS protects your data when it’s transmitted between you and Microsoft.
  • Threat management , security monitoring, and file/data integrity prevent or detect any tampering of data.
  • Exchange Online Protection  provides advanced security and reliability against spam and malware to help protect your information and access to email.

User controls

  • Office 365 Message Encryption  allows users to send encrypted email to anyone, whatever email service recipients may use.
  • Data loss prevention can be combined with Rights Management and Office 365 Message Encryption to give greater controls to your admins to apply appropriate policies to protect sensitive data.
  • S/MIME provides message security with certificate-based email access.
  • Azure Rights Management  prevents file-level access without the right user credentials.

Admin controls

Tab panel for expanded tab number5

  • Multi-factor authentication protects access to the service with a second factor such as phone.
  • Data loss prevention prevents sensitive data from leaking either inside or outside the organization while providing user education and empowerment.
  • Built-in mobile device management capabilities allow you to manage access to corporate data.
  • Mobile application management within Office mobile apps powered by Intune provides granular controls to secure data contained in these apps.
  • Built in antivirus and antispam protection along with advanced threat protection safeguard against external threats.
  • Office 365 Cloud App Security provides enhanced visibility and control into your Office 365 environment.