Setting up Microsoft Defender for Business with a simplified configuration

• Author
• Recent Posts

Brandon Lee

Brandon Lee has been in the IT industry 15+ years and focuses on networking and virtualization. He contributes to the community through various blog posts and technical documentation primarily at Virtualizationhowto.com.

Latest posts by Brandon Lee (see all)

• What’s your ENow AppGov Score? Free Microsoft Entra ID app security assessment - Thu, Nov 30 2023
• Docker logs tail: Troubleshoot Docker containers with real-time logging - Wed, Sep 13 2023
• dsregcmd: Troubleshoot and manage Azure Active Directory (Microsoft Entra ID) joined devices - Thu, Aug 31 2023

Instead of offering all the "nerd knobs" that can be configured and tweaked, the simplified configuration process with Microsoft Defender for Business allows organizations to implement security policies with a wizard-like experience. This simplified configuration is an optional workflow that makes configuring Defender for Business easier.

However, you can bypass this process and manually perform the necessary steps by visiting each configuration dashboard. Choosing the wrong settings or missing essential parts of the configuration can leave systems open to compromise or attack.

For the most part, default policies are sufficient. Therefore, Microsoft promotes the Microsoft Defender for Business simplified configuration as the recommended option for most customers.

With the simplified configuration, you benefit from the following:

• Implementing Microsoft Defender for Business is streamlined.
• You don't have to have deep technical security expertise or staff full-time security personnel to manage Defender.
• Once devices are onboarded in the cloud environment, they are immediately protected by the default settings.
• The default settings can be tweaked and customized for each business as needed.
• You are not limited to the default policies and can add new policies as needed.

The following capabilities are provided by Microsoft Defender for Business for the simplified configuration:

• It allows businesses to configure Defender for Business.
• You can easily view and manage incident reports.
• When threats are detected, you can quickly respond to and mitigate them.
• It allows IT admins to view security reports.
• You can review completed or pending actions.

Overview of the simplified configuration process

The overall setup and configuration process involves the following steps:

1. Review the requirements of Microsoft Defender for Business.
2. Assign roles and permissions to grant your security team access to the Microsoft 365 Defender portal.
3. Manage email notifications for the security team and other key stakeholders.
4. Onboard devices: If you are already using Intune, you will be asked if you want to use automatic onboarding to establish the connection between Intune and Defender for Business.
5. Configure your security settings and policies. This includes security policies, firewall settings, and other recommended configurations.

Workflow of the Microsoft Defender for Business configuration wizard

Using the simplified configuration

Let's look at the screens of the simplified configuration. The wizard will begin when you first navigate to Endpoints > Device inventory on the Security dashboard. The setup wizard will guide you through the setup process for configuring Microsoft Defender.

On the Apply security settings screen, you will see the option to Use the simplified configuration process. You also have the option to Enable security settings management on devices that are not yet enrolled to Microsoft Endpoint Manager. This enables applying the recommended security configuration settings to all new devices that are added to the environment.

Apply security configuration settings using the simplified configuration

That's it. With a simple button and toggle chosen, you can apply the recommended security configuration settings to your environment.

Final notes

The Microsoft Defender for Business simplified configuration wizard streamlines applying the recommended security configuration settings in your environment.

Microsoft has made this a wizard-driven process that helps you quickly and easily configure recommended security policies in your environment. With a simple toggle, you can also ensure that all new devices that are onboarded receive the configurations from day one, helping to enforce the security and governance lifecycle in your environment.