Apple computers have steadily become more prevalent in the enterprise over the years.  Love them or hate them, Macs are here to stay in your organization’s IT environment.  Whether they are there due to business requirements, the rise of BYOD, or to just provide choice for your employees, managing them securely is essential.  This is where Microsoft Defender ATP for Mac comes in.

Why Microsoft Defender ATP for Mac?

Since its general availability release in 2006, as Windows Defender back then, Microsoft Defender has slowly gained market share in the endpoint protection space.  While it originally focused on malware, it has evolved over the years to include antivirus.

Microsoft Defender has become a serious option for security due to its tight integration with the Windows ecosystem.  As more and more organizations have evaluated and deployed it, it became obvious that the lack of support for Mac OS was becoming a problem.

When it comes to picking any tool at the enterprise level, multi platform support is essential.  After all, who would want to run two separate environments to protect their assets?  More and more platform vendors are expanding their offerings into new areas to meet these customer demands.

Re-named from Windows Defender to Microsoft Defender this year, Microsoft is getting even more serious about the endpoint protection game.

Deploying and Managing Microsoft Defender for Mac

The good news is there is not a steep learning curve for administrators when it comes to protecting Macs.

Microsoft Defender has a number of deployment options for the software package itself.  While it can of course be deployed manually, deployment can be managed by Microsoft Intune and other software deployment tools.  After installing the client on Macs, data will be available in Microsoft Defender Security CenterConfiguration profiles are built to handle the settings and preferences for the Mac clients.

The profaners are very customizable based on an environment’s requirements.  For example, Passive Mode was released in version 100.67.60, which hides that status icon and disables real-time protection.  You can also exclude directories from scanning with the configuration profile.

After installation, updates to Defender for Mac can be simply handled by the Microsoft Auto Update utility.

Mac OS Requirements for Microsoft Defender

Mac endpoints must be running Mac OS 10.13 or higher, and the installation takes 650 MB of disk space.  Beta versions of Mac OS are not supported.  Microsoft Defender for Mac is available to Microsoft 365 E5 Security and Microsoft 365 E5 customers.

After choosing to deploy Microsoft Defender to protect your Mac environment, you should not run any other endpoint protection products on the target endpoints according to Microsoft.

Beyond hardware and software requirements for Microsoft Defender, end user communication is an important part of the deployment, especially if you have not previously been protecting Mac endpoints in your environment.  While management of endpoints is very similar to that of Windows Endpoints, it is important to make sure you provide on-boarding and training for your Microsoft Defender operations team.

Microsoft Defender has become a serious contender when it comes to endpoint management.  By adding Mac OS, Microsoft is appealing to a new base of users, those who are managing multi OS endpoints, and are using a different tool.