Kaspersky Endpoint Security Cloud Plus review: One security solution to rule them all

Kaspersky is easy to manage, good value and tough on malware

A screenshot of Kaspersky Endpoint Security Cloud Plus

IT Pro Verdict

Pros

  • +

    Affordable licensing

  • +

    Heaps of security features

  • +

    Simple deployment

Cons

  • -

    Microsoft 365 management requires separate portal

Kaspersky’s Endpoint Security Cloud Plus (ESCP) offers some of the most flexible licensing terms in the business. While some vendors expect you to purchase separate licence packs for different types of devices, each Kaspersky user licence covers one workstation, laptop or server, plus two iOS or Android mobile devices.

The service is designed to protect up to 1,000 Windows and Mac workstations and Windows servers, and is managed entirely in the cloud. The extensive roster of security features includes anti-malware, threat and ransomware protection, a client firewall, network vulnerability scanning and an attack blocker.

On top of all this, the Plus subscription we tested adds endpoint device controls, URL-based web filtering, vulnerability assessments, patch management and encryption. It also adds the ability to block any email, file-sharing, messaging or social networking cloud services in use by your clients, while the standard licence only lets you monitor activity.

A final benefit of the Plus licence is the Security for Microsoft 365 component. This provides dedicated security services for Exchange Online, OneDrive, SharePoint Online and Teams, with its data discovery tool highlighting files identified as containing sensitive information.

Deployment starts with creating a Business Hub account and defining your company. You’re then taken to the ESCP web portal, where wizards guide you through adding users, enabling cloud discovery and scheduling updates and scans.

Then you just need to get the software onto clients – and this too is painless, as you can email invitations to users directly from the cloud portal. We found the client software took around five minutes to install, then a further 15 minutes to fully register itself with the portal and update its signature database.

A screenshot of Kaspersky Endpoint Security Cloud Plus

A default security profile is applied to each new device so full protection starts immediately, but it’s easy enough to create custom ones. There’s a huge range of options on offer, with clearly distinguished settings for Windows, Mac, Android and iOS devices.

For example, file, web and network threat protection are available for Windows and Mac devices, while Android users get standard antivirus measures. Since iOS is so locked down, the only options available here are access controls, which let you choose what mobile features are accessible, set screen lock and password policies and specify which networks can be connected to.

RELATED RESOURCE

The truth about cyber security training

Stop ticking boxes. Start delivering real change.

FREE DOWNLOAD

It’s also worth noting that cloud discovery is only available for Windows devices. It works well, though: after you’ve given it a few hours to build up a picture of your network traffic, the portal shows a handy readout of the top five services and the devices using them.

Another Windows-centric feature is patch management. All available updates are displayed in the portal, and you can set a daily or weekly schedule to apply them all, or only those you’ve approved.

To make use of the Security for Microsoft 365 component you need to create a new workspace in your cloud account, which presents a separate portal. After granting access to our account, we were able to create profiles to protect our Exchange Online mailboxes from spam, phishing and malicious attachments, and apply anti-malware policies to our files in OneDrive and SharePoint Online.

The data discovery service, meanwhile, works with Exchange, OneDrive and SharePoint data, sending an alert to selected users if it finds confidential information. As with the ESCP portal, plenty of information is presented, with detection statistics for Exchange mailboxes, OneDrive files and SharePoint data.

Businesses seeking both device security and protection within Microsoft 365 will find Kaspersky Endpoint Security Cloud Plus has all the angles covered. You do need to use separate portals to manage everything, but there’s a huge range of security features on offer, and Kaspersky’s licensing scheme makes it very affordable.

Dave Mitchell

Dave is an IT consultant and freelance journalist specialising in hands-on reviews of computer networking products covering all market sectors from small businesses to enterprises. Founder of Binary Testing Ltd – the UK’s premier independent network testing laboratory - Dave has over 45 years of experience in the IT industry.

Dave has produced many thousands of in-depth business networking product reviews from his lab which have been reproduced globally. Writing for ITPro and its sister title, PC Pro, he covers all areas of business IT infrastructure, including servers, storage, network security, data protection, cloud, infrastructure and services.