Windows Defender can be centrally managed by Group Policy and this can be useful for consistency and reliability across the business. To gain this you need to add the “windowsdefender.adm” template file into the Group Policy management console. Once done you can gain 8 policy options including the abilty to enable/disable it.
As I was investigating the related emerging Microsoft Forefront Client Security product I learned that this .adm file is available on any workstation where installed. A search of the system drive resulted in finding it at the path “C:\Windows\inf\”. It should be imported under Computer Configuration->Administrative Templates.