ThirdSpace ThirdSpace
Close 0 Reset Search Run Search What are you looking for? Type at least three characters to search. Filter Search Results
  • All Content
  • Blog
  • Case Studies
  • Event
  • Resources
  • News
  • Careers
  • Access Centre
  • Technologies
  • Workshops
  • Solutions
  • People
Load more
26 April 2017

Microsoft 365: E3 vs. E5 – Who comes out on top?

Mathew Richards

When it comes to deciding which Microsoft 365 Enterprise license fits your organisation best, there’s a lot of information to process.

As you will be able to tell if you’ve read our guide to Microsoft 365 licensing, the suite contains a lot of technology.

Here we’ll make it easier for you to confidently make a decision between the available licenses: E5 and E3. We’ll be taking a closer look at each of the core elements Microsoft 365 Enterprise – Windows 10, Office 365, and Enterprise Mobility + Security – focusing specifically on what additional capabilities the E5 advanced workloads can offer your business.


Windows 10 Enterprise

Anti-malware/virus is no longer enough on its own. All organisations are encouraged to adopt an “assume breach” attitude to security. A recent survey showed that 46% of compromised endpoints had no malware on them (Mandiant M-Trends Report, 2017), and attackers are just as likely to use an array of more advanced methods to compromise an endpoint: social engineering, direct hacking and inside knowledge, to name just a popular few.

Windows 10 E5 adds a new service – Windows Defender Advanced Threat Protection (WDATP) – that helps organisations to detect, investigate and react to advanced attacks on their networks and endpoints. Your organisation’s threat risk is well presented in a simple-to-use portal/dashboard, with a rich attack timeline for investigation that enables you to prioritise actions and remediate.

With WDATP, Microsoft has added a post-breach layer to the extensive Windows 10 security stack that is already available in E3, across device protection, identity protection, information protection and threat resistance.


Office 365 – Advanced Security

Office 365 E5 is a suite offering that includes features across three categories of investment:

  • Real-time communications and collaboration (Skype for Business)
  • Analytics (Power BI)
  • Advanced Security

A recently-published UK survey has revealed that the use of fake or compromised email accounts (via a practice known as phishing or whaling) to steal information increased by 39% in the last three months of 2016.

Microsoft has a comprehensive set of security technologies built-in to Office 365, which help mitigate against these and many other sophisticated threats.

Advanced Threat Protection

Office 365 ATP provides Safe Attachments and Safe Links by protecting against both known and unknown malware and viruses, providing a cleaner user inbox and better zero-day protection to safeguard your organisation.

All relevant threat information is presented through a clean and clear dashboard, which allows you to see who in your organisation is being targeted and the category of attacks you are facing.

Take a look at our recent blog post for more information on Advanced Threat Protection.

Customer Lockbox

Many organisations want to understand whether your data is truly isolated and define exactly who has access to it (including Microsoft) and for how long.

Customer Lockbox provides you with explicit control in the very rare instances when a Microsoft engineer may need access to your organisation’s content (e.g. to resolve a support issue).

Advanced Data Governance

Data governance is all about keeping your data around when you need it and getting rid of it when you don’t.

With data governance in Office 365, you can manage the full content lifecycle, from importing and storing data at the beginning, to creating policies that retain and then permanently delete content at the end.

Threat Intelligence

Makes sense of the billions of data feeds on threats and aggregates O365 security data by industry, peer organisations. This intelligence partner by smart incident response through attack alerts, detailed forensics and remediation workflows, places you in a position to respond quickly to changing threat conditions.

Advanced Security Management

Advanced Security Management provides threat detection and enhanced visibility into your organisation’s Office 365 usage and shadow IT, so that you can take the appropriate action when there is suspicious activity on your Office 365 tenant and before your environment has been breached.

Advanced eDiscovery

Advanced eDiscovery adds machine learning and text analytics to strengthen the eDiscovery capabilities in E3. It accelerates the sorting of vast quantities of information, helping you to quickly identify relevant data while decreasing cost and risk.

Watch conditional access and multi-factor authentication webinar

View 'Safeguard your data and applications with conditional access controls and multi-factor authentication' and discover:

  • Why conditional access and MFA technologies are essential
  • What actions you can take right now to mitigate the risk of a breach
Watch on-demand now

Enterprise Mobility + Security (EMS)

To call EMS E5 the “advanced security workloads” is doing EMS E3 a slight disservice. There are many great security technologies in E3, particularly Advanced Threat Analytics (ATA). For an overview and demo of ATA you can view our on-demand webinar.

Here we will focus on the extended security technologies in EMS E5.

Cloud App Security (CAS)

CAS gives you visibility and control of shadow IT in your organisation. It can provide you with the ability to set policies (out-of-the-box or custom) that control data sharing and data loss prevention across over 13,000 Microsoft and third-party SaaS apps.

The in-built machine-based learning helps to identify high-risk usage and abnormal user behaviour, which are automatically surfaced through the threat dashboard to help you understand when you need to respond and stop a threat in its tracks.

Azure Information Protection (AIP) P2

AIP extends the rights management function available in E3 to include automatic document classification and labelling. This means you now have the ability to set policies for each new document created, which will enforce or suggest its level of classification, as opposed to relying on users to self-classify each document accurately.

This ensures that you have greater control over your data and information; where it goes and who can open, forward, print and save it. You can also track each document in a portal and revoke access at any time.

Azure Active Directory Premium (AADP) P2

AADP includes all the capabilities in Azure AD Premium P1 (EMS E3) and adds Identity Protection and Privileged Identity Management.

Azure AD Identity Protection

Azure AD Identity Protection leverages billions of signals to provide risk-based conditional access to your applications and critical company data. Azure Active Directory uses adaptive machine learning algorithms and heuristics to detect anomalies and suspicious incidents that indicate potentially compromised identities.

Using this data, Identity Protection generates reports and alerts that enable you to evaluate the detected issues and take appropriate mitigation or remediation actions to keep your organisation and data safe.

Azure AD Privileged Identity Management

Azure AD Privileged Identity Management helps you define, manage and protect defined “privileged” accounts, so you can discover, restrict and monitor administrators and their access to resources, and provide just-in-time access when needed. This minimises the risk of a security breach if – or when – those identities become compromised.

For an at-a-glance view of the current technologies in Microsoft 365 E3 and E5, download our snapshot infographic.


Microsoft 365 Enterprise goes a long way to supporting organisations through the journey of delivering a modern, productive workforce experience, while ensuring data is protected from the latest cyber security threats continuing to proliferate and increase in sophistication.

We have merely revealed the tip of the iceberg when it comes to the variety and breadth of technology available in Microsoft 365. We have focused heavily on the security aspects of included in E5 and highlighted the components that help organisations protect themselves from the latest threats, as well as detect and react to a security breach.

In an “assume breach” world, we all need to think differently about the level of security and protection we need to safeguard our information and data, whilst ensuring that all employees continue to have a simple, seamless and highly productive experience.

The security technology now available in both E3 and E5 variants is extensive and growing, and the per user subscription model (allows user access on up to five devices) has made Microsoft 365 a straightforward, cost-effective and extremely compelling offering, for providing the control to liberate your employees and your business.

Next, watch our conditional access and MFA webinar on-demand and learn why these technologies are key to securing your organisation’s assets.

Or download ‘The business case for cyber security’ e-Guide for best practice on how to take a proactive and pre-emptive approach to tackling the issue.

You may also like...


What is Microsoft modern management – and how can it help you overcome your MDM challenges?


How to build a strong culture with a remote team: Tips and techniques to keep staff engaged and happy


The benefits of adopting a digital collaboration culture with Microsoft Teams

Recent Blog Articles

View All
Mathew Richards
Head of Mobility & Security
Learn More

Need advice? Our experts are waiting...

Simply request a free Vision Call. We can help you with solution ideas, technology education, best practice advice and more.

Request Vision Call
Award-winning solutions Award-winning solutions

Eight-time winner of the Microsoft Partner of the Year Award for Identity Management, Enterprise Mobility, and Security and Compliance.

ThirdSpace Please upgrade your browser

You are seeing this because you are using a browser that is not supported. The ThirdSpace website is built using modern technology and standards. We recommend upgrading your browser with one of the following to properly view our website:

Windows Mac

Please note that this is not an exhaustive list of browsers. We also do not intend to recommend a particular manufacturer's browser over another's; only to suggest upgrading to a browser version that is compliant with current standards to give you the best and most secure browsing experience.