New security products seemingly pop up all the time. One of the products I have heard a great deal about while interacting with IT managers -- especially those at small to midmarket organizations -- is Microsoft Security Essentials.
So what exactly is it? What use does a midmarket organization have for Microsoft Security Essentials? How useful will it be when battling common security threats? And for an organization that uses Microsoft Security Essentials, what other antimalware tools and strategies will be needed? That's what we'll cover in this tip.
In order to answer these questions, we must first examine the product's key features. Microsoft Security Essentials is a freeware antivirus software product that provides protection against different types of malware, including computer viruses, spyware, rootkits and Trojan horses for Windows-based operating systems (XP and above). It debuted in June 2009, and in July of this year Microsoft Security Essentials 2.0 was released, which includes an updated antivirus engine, protection against Web-based threats, and a network intrusion detection system (IDS) that works on Windows Vista and Windows 7.
Microsoft Security Essentials marks a major change in Microsoft's consumer antivirus product marketing strategy. Instead of offering subscription-based antivirus software and bundling it with a host of other tools, Microsoft Security Essentials is free for all genuine installations of Windows. Plus, it is a more comprehensive software product that replaces Windows Live OneCare, a commercial subscription-based antivirus service, and the free Windows Defender, which only protected users from adware and spyware.
The key thing to bear in mind with Microsoft Security Essentials is that it is primarily targeted for consumer use and not the enterprise. It is not intended for business use (with an exception for small, home-based businesses). So then, why would it be relevant for the small to midmarket organization?
While Microsoft Security Essentials is intended for the consumer market, combining it with Microsoft Forefront Client Security gives organizations the ability to centrally manage their information security environment, a key capability that is lacking when Microsoft Security Essentials is used on its own. This is relevant for the SMB because it provides the ability to both view and run reports on the overall security status of the computer devices within the environment. It can also significantly reduce support time, because problems within the environment can be identified remotely. By itself, Microsoft Security Essentials provides the minimum requirements for computer security. However, any small to midsize company considering MSE should combine it with Microsoft Forefront Client Security.
Unlike many other endpoint security software offerings, Microsoft Security Essentials is relatively easy to install and easy to use. Updates and upgrades are automatic, so there's no need to worry about seeking out and installing the latest improvements. It automatically checks for and downloads virus definition updates, which are published three times a day to Microsoft Update. (Manual updates are also available from Microsoft's Security Portal.) It's pretty straightforward to tell if you're protected: When the Security Essentials icon is green, your status is good. It's unlikely to be painful for users and security administrators to deal with.
Microsoft Security Essentials isn't resource-intensive, and still offers a number of options. It runs in the background and provides an alert only when user action is necessary. From what I have seen, its use of system resources is minimal, making it ideal for client devices less than 30 months old (older devices should be tested more carefully to evaluate the performance effects). MSE offers three computer virus-scanning options: quick scans, full scans and custom scans. The quick scan checks the most vulnerable parts of a system and takes an average of five to 10 minutes to complete. A full scan takes longer depending on the density and total number of files on a hard drive. On the downside, it took a long time to perform a full scan of my system when compared with other similar products, which appears to be a common theme among a number of independent reviewers. It would also be nice to have more admin-like control over key settings around scanning and reporting, but these are the few downsides of the product, and they are fairly minor. MSE really does cover an SMB's essential security requirements nicely.
Though it's not perfect and may not beat rival commercial endpoint antimalware offerings, it's critical to remember that Microsoft provides Security Essentials free of charge. The quality of the product is good overall and it matches up favorably against other free client antivirus offerings. The main value when compared to other free client antivirus offerings, though, is that it is supported by Microsoft. Given the number of SMBs that run on a Microsoft environment, this is a key differentiator. Combined with the already mentioned positives (ease of use, ability to deploy and accuracy), Microsoft Security Essentials makes a lot of sense as a starting point for SMBs that may have little to no formal security controls in place.
Keep in mind that as a free product it is limited, but with a little bit of work, small to midsize organizations can use Microsoft Security Essentials to not only keep endpoints free of malware, but also do so without having to purchase business-grade software. However, I would recommend combining Microsoft Security Essentials with Microsoft Forefront Client Security for the best overall experience. Since Microsoft's target audience for Microsoft Security Essentials is the consumer market, not enterprises of any size beyond the smallest (small, home-based organizations), it doesn't natively include the management features that most companies need.
About the author:
Robbie Higgins is vice president of security services at GlassHouse Technologies. Higgins has spent his entire professional career in the technology arena, focusing predominantly on the alignment of information technology and information security with business requirements. For more than 18 years, he has been a significant contributor to major global corporations, most notably Motorola and Intel. He has held a wide range of positions, including Product Engineer, Information Technology Business Development and Director of Information Security. In his most recent role as Managing Director of the Security Services division within Motorola, he was responsible for the development and delivery of professional services, managed services and security solutions across all business units serving telecom, enterprise and government markets.
This was first published in October 2010