How to keep small enterprises protected
This group test focuses on consumer protection, but similar tools are available for all sizes of businesses – including Microsoft’s own SMB protection. Read our How to keep small enterprises protected.
There’s a growing divide between both the companies that provide anti-malware services to home and business users, and the methods they use to deliver them. However, this can leave small business users overwhelmed by choices that seem targeted at much larger enterprises.
The model for home users is primarily still a per-device approach. Perhaps there’s a modest web-based management interface to show which devices are connected to your licence and, in the most sophisticated examples, a summary of what threats they’ve found. But that’s your lot.
Enterprise security is focused on comprehensive endpoint security, with an extensive management system that provides detailed per-device threat, behaviour and activity reporting. Endpoint security solutions often also include protection for Linux or Windows servers, and incorporate network firewall management, email protection, support for cloud servers and virtual machines.
Having all this information at your fingertips is great for security specialists at larger businesses, but the interfaces can be complex and overwhelming for smaller businesses.
Microsoft steps in
Fortunately, a number of companies provide endpoint security solutions specifically for smaller businesses. These combine features that may be familiar from consumer solutions with network deployment, monitoring and smart remediation. The aim is to stop potentially catastrophic malware such as ransomware before it takes hold of multiple devices on your network.
Below: Microsoft 365 Defender is an inexpensive option.
Above: There’s plenty of choice for small businesses in the security market.
First, check your existing licences and subscriptions. If you’re on the Business Premium tier of Microsoft 365, for example, you already have a Microsoft Defender for Business subscription. Defender for Business’ dashboard is one of the simplest you’ll find in endpoint protection. It automates a great deal, making it easy to handle threat reports and roll out protection to everyone on your subscription.
Recent events compel us to include a caveat here: if an update goes wrong, it can have a large-scale impact, such as a recent Defender for Enterprise update that deleted users’ application and Start menu shortcuts. This caused chaos. Microsoft was quick to roll out an update, but affected users systems’ couldn’t be fixed automatically.
This situation is symptomatic of regularly updated software supply chains in general, but the level of integration Microsoft Defender has with Windows arguably provides more potential for things to go wrong.
Beyond Microsoft
Microsoft’s pricing for SME antivirus is competitive, but it’s by no means the only notable player in this space.
Avast, Bitdefender, Malwarebytes, Sophos and Trend Micro all have well-regarded small business security solutions, many of which can be bought directly without the process of obtaining individual quotes, although doing so can get you a better deal.
Avast’s Business Security range starts at $ per device per year for a managed antivirus, ransomware, data protection and identity protection solution. Higher tiers cost up to $ per device per year and add features such as a VPN and patch management. There’s also USB device blocking to prevent files from being taken off-site.
Bitdefender’s GravityZone Business Security does a little more, with modules including email security and full disk encryption of your endpoints. Prices here scale depending on how many devices you need to protect, but start at $ per year for five devices.
Malwarebytes leans into cloud protection technologies. Malwarebytes for Teams is inexpensive, but it’s also a standalone product without central management, so isn’t appropriate for most office deployments. Malwarebytes Endpoint Protection starts at $ per device per year and includes USB device control, optional Windows and Linux server licensing and a sophisticated cloud management console.
You’ll have to get a quote from Sophos, but the company offers a range of SMB-oriented options, whether you require managed cybersecurity, have your own IT team in-house, or wish to deploy hardware appliances.
You’ll also have to get a quote from Trend Micro, but the firm is known for scalable solutions for small and medium enterprises, with all-in-one management tools that cover endpoint, network and email security.
Business antivirus uses the same detection technology as its consumer counterparts, but provides extra layers of defence and is typically more paranoid. After all, user freedom to install whatever takes their fancy is rarely desirable in the workplace.
Just as we’ve used data from reputable anti-malware testing houses to assess consumer antivirus suites in this group test, similar data about enterprise anti-malware is available for free from selabs.uk, av-test.org and av-comparatives.org.