Beachhead Solutions has added Windows security management to its flagship remote device protection platform.
Available now at no extra cost to premium-level users of BeachheadSecure for MSPs, the new functionality lets technicians view and control Microsoft Defender Antivirus, Microsoft Defender Firewall, and the Controlled Folder Access feature in Microsoft Windows through the same interface they use to remove access to or delete data on compromised devices.
As a result, what was previously a tool for remotely locking down lost or stolen devices and responding to credential theft is now a system for protecting customers from ransomware as well, according to Cam Roberson, Beachhead’s vice president of sales and channel development.
“Everybody is solely focused on ransomware, and for good reason,” he says. “We’re providing a more well-rounded product that addresses all threats now.”
Users can employ the new capabilities in conjunction with the Beachhead product’s RiskResponder feature as well. Introduced last year, RiskResponder lets MSPs enforce automated actions like denying access to remote data, deleting the data, or quarantining an entire device under preset conditions, such as successive invalid login attempts or connecting to the internet from outside a prescribed geographic area.
“You can automatically respond, and in a way that’s appropriate for you and for your client,” Roberson notes.
Known as SimplySecure for MSPs until early last year, BeachheadSecure for MSPs supports PCs, smartphones, tablets, servers, and USB storage devices. From the beginning, Roberson says, the solution has always taken advantage of existing services like Microsoft’s BitLocker encryption technology rather than replace them with redundant equivalents.
“It’s consistent with our approach from the get-go,” he observes. “We believed and we still do that leveraging stuff that’s built into the OS and the hardware is a better approach.”
Interest in Microsoft Defender for Endpoint, the security system that includes Defender Antivirus and Firewall, has risen in recent years among MSPs and their clients in parallel with rankings from respected third-party testing organizations like AV-Comparatives and SE Labs. In response, security vendor Huntress introduced a managed Microsoft Defender service last October and BlackPoint Cyber shipped a comparable offering last month. Similar functionality from Kaseya’s RocketCyber unit will be built into Datto’s forthcoming managed SOC solution.
Microsoft Defender for Endpoint has been included in the Business Premium edition of Microsoft 365 as part of a larger service called Microsoft Defender for Business since May, making it a cost-effective endpoint protection option for most Microsoft 365 users.
Controlled Folder Access is a feature included in Windows 10 and 11 that lets organizations grant access to specified data on a zero-trust basis only to whitelisted applications.
Roberson, who declined to provide specifics, said that Beachhead plans to add remote protection for exfiltrated data to BeachheadSecure for MSPs in the near future. “I don’t think there’s anything that I’m aware of that does that,” he says.
Threat actors are increasingly using exfiltration to extort additional money from ransomware victims. Exfiltration rates are up 106% versus five years ago, in fact, according to security vendor Titaniam’s 2022 State of Data Exfiltration and Extortion report.