Elevating NHS Cyber Defence and Efficiency with Microsoft Defender

 
Gennaro Migliaccio
Cloud Security Architect
Aligned Specialist
 
Ian Holroyd
Team Lead Public Sector Sales NHS
Aligned Account Manager
 
Georgia Moore
Senior Public Sector Marketing Executive
Author

Overview

University Hospitals of Derby and Burton NHS Foundation Trust (UHDB) is one of the largest hospital providers in the NHS, employing 14,500 people across five hospitals and a range of other community sites.
In collaboration with Bytes, the Trust embarked on a mission to optimise endpoint protection by adopting Microsoft Defender for Endpoint, aiming to empower internal teams and maximise the benefits of modern security technology.

Challenge

Despite deploying Microsoft Defender for Endpoint in passive mode alongside an existing antivirus solution, the Trust faced several key challenges:

  • The internal team required a deeper understanding of Defender for Endpoint’s capabilities.
  • There was a need to optimise platform usage and fully leverage its features and benefits.
  • Migration planning and integration with future technologies such as Microsoft Intune required expert guidance.
  • The Trust sought to improve incident response and operational efficiency through advanced training and knowledge transfer.

As a team we took advantage of the fast track MDE sessions offered by Bytes. Each session covered a different topic; they were all informative and well structured, demonstrating functionality within MDE and Intune. Gennaro has a lot of hands-on experience which he shared throughout the sessions along with links to useful resources and documentation. I highly recommend them for anyone looking to deepen their understanding or get expert advice and training in the products.

Sarah Gay, University Hospitals of Derby & Burton NHS Foundation Trust

The Bytes Solution

Bytes delivered a comprehensive consultancy programme, leveraging FastTrack funding to provide four structured knowledge share sessions. The approach included:

  • Initial scoping to understand the Trust’s requirements and current environment.
  • Workshops covering the capabilities and features of Microsoft Defender for Endpoint, comparison with the existing solution, and high-level migration planning.
  • Guidance on networking prerequisites, troubleshooting, and deployment methods.
  • Administration training using Device Tagging and Device Groups.
  • Exploration of Endpoint Security policies in both Microsoft Intune and Group Policy.
  • Incident management training, including advanced investigations and hunting with KQL.
  • Support in creating custom KQL and PowerShell queries (using Microsoft Graph API) for device reporting.

Benefits

The engagement with Bytes has significantly improved the Trust’s cyber security maturity.

Key benefits include:

  • Enhanced understanding of Defender for Endpoint’s platform and capabilities.
  • Increased confidence and efficiency in incident response and platform usage.
  • Knowledge transfer to the wider team, supporting adoption and operational autonomy.
  • Improved ability to investigate incidents and create custom queries, boosting both security and operational efficiency.
