Want to beef up your security and compliance capabilities without jumping to a full E5 licence? Microsoft 365’s E5 Security and Compliance add-ons could be the answer.
It’s no secret that Microsoft 365 E5 features industry-leading security and compliance technology. It’s also no secret that an E5 licence is the most expensive Microsoft licence available.
A full E5 licence isn’t necessarily the right option for every organisation. Some may need to prioritise better threat detection and response powers over more granular compliance features and vice versa.
And some may want both of those things but not the additional phone and conferencing capabilities that come with a full E5 licence.
To provide the flexibility for organisations to access (and pay for) just the bits that they need, Microsoft has grouped some of the Microsoft 365 E5 security and compliance technologies into their own SKUs that can be applied to a Microsoft 365 E3 licence.
In this blog, we’ll explore these two add-ons. Covering what each SKU is, what it includes, what they cost, and whether they’re worth having.
The Microsoft 365 E5 Security add-on acts as a sub-set of the Microsoft 365 E5 licence – allowing organisations to access Microsoft’s top-tier security technologies without paying for a full E5 licence.
It’s often thought that E5 Security only provides access to the E5 level Enterprise Mobility + Security (EMS) technologies. E5 Security actually spans a selection of security technologies from across EMS, Office 365 Enterprise, and Windows 11 Enterprise.
This ensures that you get the full benefits of Microsoft’s integrated, holistic approach to security by providing a layer of advanced security technologies that sit across your entire environment – enhancing and working with your existing Microsoft technologies and services.
Remove the complexity from Microsoft’s comprehensive security technology ecosystem. Download the 43-page e-Guide today and understand:
The following plans and technologies are included in the Microsoft 365 E5 Security SKU:
As part of E5 Security, you’ll get access to Azure AD Premium Plan 2 (AADP2), which contains some effective identity management features:
One of three ‘Defender’ suites included in E5 Security, you’ll get both Plan 1 and Plan 2 versions of Defender for Office 365.
Plan 1 includes:
Plan 2 includes:
In a case of ‘doing what it says on the tin’, Defender for Endpoint helps protect endpoint user devices and access.
Using a combination of embedded behavioural sensors in Windows 11, Microsoft threat intelligence and cloud security analytics, Defender for Endpoint will help you identify compromised devices and activity – shutting down lateral movement attacks, fast.
Some of Defender for Endpoint’s features will be available in E3 under Plan 1 in 2022, but as part of Plan 2, you’ll get access to the following:
With 61% of breaches attributed to leveraged credentials (Verizon, Data Breach Investigations Report, 2021), monitoring and reacting to compromised identities is key to securing your environment – which is exactly what Defender for Identity was designed to do.
Defender for Identity utilises your on-premises Active Directory to detect and investigate suspicious user behaviour. Identity-based attacks typically target low-privileged users and then move laterally through your network to gain access to sensitive data and privileged accounts.
Defender for Identity helps you build a timeline of suspicious activity, identifying not only where the original breach occurred but the attacker’s direction of travel through your environment.
Defender for Cloud Apps (previously called Cloud App Security) is a cloud access security broker, providing controlled access to cloud-based apps and services.
It does this by analysing things like device/user location and security configuration – this helps identify the use of any shadow IT devices and protects against suspicious access attempts.
It also helps you to identify any unapproved applications in use and keep sensitive data in the Cloud secure.
By employing Defender for Cloud Apps, managing the security and compliance of your cloud apps and resources becomes much easier.
The second sub-set of Microsoft’s E5 licence allows you to add Microsoft’s top-tier compliance technologies to your E3 licence.
As legislation and data protection laws only increase in their importance, these technologies will become essential for enterprises that possess large amounts of sensitive data that needs to be identified, managed, and secured.
This will help show compliance at audit, offering detailed reports of what you have, where, and the proven ability to keep it safe.
The below are all available as individual licences, but as part of the E5 Compliance add-on, you’ll get access to:
Designed to help you respond to legal investigations or requests, Advanced eDiscovery enables you to easily identify persons of interest, associated data sources, and apply legal holds to that data.
Advanced eDiscovery identifies in-place data from across Teams, Yammer, SharePoint Online, OneDrive for Business, and Exchange Online. This functionality can also be extended to third-party sources via data connectors.
Adhering to the Electronic Discovery Reference Model, Advanced eDiscovery allows you to perform the following steps to reduce and manage relevant data on a case-by-case basis:
When it comes to cyber security, the focus is typically on those trying to get in rather than those already inside.
But internal users can also pose a significant threat – whether by accident or deliberate action.
Insider risk management helps prevent various illegal, unauthorised, inappropriate, or unethical behaviour within your organisation. Using pre-defined policy templates and conditions, you can easily define what actions trigger an alert and what preventative or precautionary measures are implemented as a result.
When an alert has been triggered, your analysts can then create cases to investigate suspicious activity in greater detail and take any appropriate action required.
Utilising insider risk management can help you guard against:
Key features of the insider risk management suite are:
Microsoft’s information protection and governance suite is designed to help you achieve four things: know what data you have, protect that data, prevent data loss, and effectively govern it.
Having the ability to locate and protect data wherever it travels is key to remaining compliant with increasingly stringent data protection regulations.
Microsoft’s governance technologies will be especially important to highly regulated organisations such as those operating in financial services, healthcare, legal services, etc.
Key features of the information protection and governance suite are:
The Microsoft 365 E5 Security and Compliance add-ons are available if you already have any of the following licences:
Primarily used as add-ons for Microsoft 365 E3 licence holders, it should be noted that individual licensing plans are also available for Defender for Office 365, Defender for Endpoint, and Azure AD Premium, as well as the three licences that make up the Microsoft 365 E5 Compliance SKU.
Each complete E5 add-on will cost you around £9 per user/per month. If you were to purchase both the Security and Compliance add-ons you would have access to nearly all the E5-level technologies (barring audio conferencing, a phone system, and Power BI Pro).
But if that’s something you may be considering, then simply upgrading to a full E5 licence would be the recommended option – both to simplify your licensing costs and to ensure you get the full benefits.
There’s also a price increase coming to Microsoft 365 in March 2022, but E5 will remain the same cost. So, it’s worth looking into what your preferred licensing combination could cost you per user/per month as you may be paying close to, or even more than, an E5 licence.
In 2021, Microsoft, the Government Digital Service, and the National Cyber Security Centre, updated their security and compliance guidance for UK public sector organisations using Microsoft 365.
Based on a tiered approach of ‘Good’, ‘Better’, and ‘Best’, the advice is that most organisations need to be hitting the ‘Better’ standard.
To do that, you’ll need access to the E5 level security technologies at least, to hit the ‘Best’ level you would need both add-ons or an E5 licence.
The ability to prove you have effective security and compliance capabilities in place will put your organisation in good stead for future threats and data legislation.
Whether it’s one add-on, both, or a full E5 licence, the security and compliance technologies included in Microsoft 365 E5 are becoming crucial to the success of modern enterprises – so it’s well worth putting some thought into what combination or solution works best for you.
It’s possible to trial some of the individual technologies included in E5 Security and Compliance, but not as an entire licence. Our recommendation is to use a Microsoft Partner to help you identify the best course of action, as they can support you through the entire process from selecting a solution to design and deployment.
Using a Partner will also enable you to take advantage of Microsoft’s FastTrack programme, giving you access to resources and specialist expertise to get you up and running much sooner.
Submit your business email to join our mailing list. You'll get a handy E3 vs. E5 comparison guide, covering Office 365, Windows 10, and EMS.
As head of our Mobility & Security practice, Mat’s responsibilities include ensuring that our technical knowledge and delivery capability are fully up to speed and current, as well as creating a...
READ AUTHOR'S FULL BIO
Understand what each Microsoft technology does and how they all integrate.Download 43-page Guide
Send us your questions or feedback.
Friendly folks are standing by!
Eight-time winner of the Microsoft Partner of the Year Award for Identity Management, Enterprise Mobility, and Security and Compliance.
You are seeing this because you are using a browser that is not supported. The ThirdSpace website is built using modern technology and standards. We recommend upgrading your browser with one of the following to properly view our website:Windows
Please note that this is not an exhaustive list of browsers. We also do not intend to recommend a particular manufacturer's browser over another's; only to suggest upgrading to a browser version that is compliant with current standards to give you the best and most secure browsing experience.