The latest financial reports showcase that Redmond’s bet on the cloud is paying off. But there’s one place that I think Microsoft could do better: Selling subscriptions to small businesses. I’ve personally found that buying various different cloud subscriptions can be confusing and in some cases, if you buy a cloud service from one vendor it may impact what you can buy from another vendor.
Recently I wanted to buy a single copy of Windows 10 Enterprise including the Advanced Threat Protection service. But before I get into the particulars of my story, let’s step back a bit and explain what these new additional services do and why I wanted to purchase them.
Microsoft has added to Office 365 and to Windows 10 desktops services that allows a savvy end user or a small business to have some interesting forensic tools at their disposal in the form of advanced threat protection service. When it’s added to Office 365, it allows the Outlook user to have additional protections from malware, ransomware and other targeted attacks. It filters urls in messages and filters email attachments. As noted in the literature, it can be added to the following products:
- Exchange Online Plan 1
- Exchange Online Plan 2,
- Exchange Online Kiosk
- Exchange Online Protection
- Office 365 Business Essentials
- Office 365 Business Premium
- Office 365 Enterprise E1
- Office 365 Enterprise E2
- Office 365 Enterprise E3
- Office 365 Enterprise E4
- Office 365 Enterprise K1
- Office 365 Enterprise K2
- Office 365 Education.
Windows Advanced Threat Protection (ATP) allows a savvy end user or an administrator to track what the malicious attacker had access to and what they did on the machine. While the site focuses on enterprise users, it’s clear that any sized firm, small business, or end user is a target for malicious activity. Getting attacked is not a question of if — it’s a matter of when. When you work in certain industries and in the consultant space working for other industries you are often a target for attacks because you could be a conduit into the larger entity.
The ATP console tracks questionable activity and can point out if something is trying to grab credentials, insert ransomware on your system and any number of malicious activity. It can also alert you to what it thinks is malicious activity but really isn’t. In my case at my office I have various network based maintenance tasks that the ATP service wasn’t quite sure if the actions were malicious or not.