menu close
  • Back

A few years ago, most governmental organisations were signed up to Microsoft E3 licences as a standard practice.

Generally speaking, this made sense. Not only was doing so cheaper, but E5 licences didn’t have the strength of features they offer today. Often, this comes down to education, as many organisations aren’t aware of the benefits of E5 licenses or the changes Microsoft has made to enhance its security suite of products.

Today, however, security is something organisations—whether governmental or not—can’t afford to ignore, due to the evolving threat landscape. If you’re already in the Microsoft ecosystem, it makes sense to explore opportunities to take full advantage of its benefits. You may want to try looking into Microsoft 365 managed services. In particular, here’s how uplifting your licensing benefits your organisation and its security.

How is the advanced security of E5 licences uplift your security posture

At a high level, you can think of the integrated, unified security stack of Microsoft 365 (M365) E5 products as an end-to-end security solution that secures both the whole Microsoft environment, as well as multi cloud and hybrid environments. This protection includes Microsoft Advanced Threat Analytics to improve your threat detection capabilities, making your security posture even stronger.

Upgrading your licensing not only ensures this breadth of security capabilities but also provides new security-centric features, such as Windows Enterprise integration and improves functionality through the Microsoft Graph API. Moreover, you gain access to audio conferencing features, which facilitate seamless communication within your organisation.

These advanced features, combined with additional compliance capabilities, strengthens your organisation to secure its digital landscape comprehensively while optimising productivity and collaboration.

Features Gained Moving from M365 E3 to M365 E5:

  • Azure Active Directory Premium P2 (vs P1)
  • Microsoft 365 Defender
  • Microsoft 365 Defender for Endpoint P2
  • Microsoft 365 Defender for Office 365
  • Microsoft 365 Defender for Identity
  • Azure Information Protection P2 (vs P1)
  • Microsoft Defender for Cloud Apps

Full details can be found here

Additional compliance benefits gained from this transition include:

  • Rules-based automatic retention policies, machine learning-based retention, records management
  • Advanced eDiscovery, advanced audit
  • Insider Risk Management, communication compliance, information barriers, customer Lockbox, privileged access management
  • Built-in third-party connections

Features Gained Moving from M365 EMS E3 to M365 EMS E5:

  • Risk-based conditional access
  • Privileged identity management
  • Intelligent data classification and labeling
  • Microsoft Cloud App Security
  • Microsoft Defender for Identity

Full details can be found here

By gaining access to these features, your organisation benefits from:

  • Stronger identity and access management without compromising productivity
  • Stronger threat protection that’s streamlined across multiple apps and systems
  • Better protection of your sensitive information
  • Stronger compliance, resulting in easier audit preparation
  • The ability to refine who gets access to what on a more granular level

It’s important to note that some of these components may be available for purchase separately. For example, if you aren’t ready to sign up for E5, you may be able to add the E5 Security Suite to an existing E3 licence (i.e. M365 E3 + E5 Security). A qualified Microsoft Partner can help you determine the best licensing approach for your needs.


What Is Office 365 for Enterprise?

Office 365 for Enterprise, also known as Microsoft 365, is a comprehensive suite of cloud-based productivity and collaboration tools offered by Microsoft. It's designed to meet the diverse needs of larger organisations and businesses. With Office 365, you gain access to a variety of essential applications, including Microsoft Word, Excel, PowerPoint, and Outlook, which are essential for your day-to-day operations.

Additionally, Office 365 provides powerful cloud-based services such as Microsoft Teams for seamless communication and collaboration, SharePoint for efficient document management and collaboration, OneDrive for convenient cloud storage, and Exchange Online for reliable email services.

One of the standout features of Office 365 for Enterprise is its compliance management capabilities. It strengthens organisations to maintain data protection and adhere to regulatory requirements, making it an ideal choice for businesses that deal with sensitive information. Power BI Pro, another included feature, allows for advanced data analysis and reporting, providing valuable insights to drive informed decision-making.

Azure Information Protection further enhances security by safeguarding your data with encryption and access controls. The suite also includes various Microsoft Office apps, making sure that you have all the necessary tools for productivity within your organisation.

Furthermore, Office 365 for Enterprise offers multi-factor authentication to bolster security, securing your data and applications. This suite is packed with compliance features that help you stay in line with industry regulations and protect your organisation's sensitive information.

Office 365 for Enterprise is a solution that combines essential productivity tools, advanced data protection, and robust compliance features. It's designed to meet the diverse needs of large organisations and enhance their productivity while ensuring data security and compliance with industry standards.

Additional benefits of upgrading from E3 to E5:

Beyond the new capabilities listed above, uplifting your licensing offers a number of other advantages. For example, in addition to improving your compliance with relevant regulations and audits, upgrading to E5 licensing can come with cost-saving benefits. 

A lot of organisations will have third-party antivirus software and an incoming mail scanner—things like that,” explains Todd Elliott, General Manager of Satalyst, part of Canon Business Services ANZ (CBS). “Replacing these pays for the uplift from E3 to E5, and you also get Identity Protection and the Risk and Compliance Suite as well.” 

As these third-party solutions are phased out, two more benefits emerge. Firstly, there's the potential for an enhancement in security, as you minimise vulnerabilities linked with third-party software. Simultaneously, you streamline the ongoing complexity related to managing multiple vendors and SaaS products, including those related to Microsoft Teams, Microsoft 365, and advanced analytics.

This simplification can influence how you staff your team amid existing labour shortages. Instead of needing separate personnel for managing various tools, standardising across the Microsoft security stack, including advanced compliance features, Power Apps, Cloud Services, Mobile Apps, Enterprise Mobility, Office 365, Compliance Management, Power BI Pro, Azure Information Protection, and Microsoft Office Apps, simplifies the search for talent with the necessary skill sets.

IT Security Checklist

Transform Your Cyber Defense: Prioritised Actions for Staying Ahead of Threats.

Download

What holds organisations back?

Despite these clear advantages, there are a number of factors that, understandably, keep organisations from taking the next step forward.

One is the sheer size of some governmental organisations. It’s not uncommon for CBS to work with governments whose organisational structures involve thousands of users, spread across multiple agencies. Further, some of these agencies have thousands of legacy on-prem servers in place—the thought of auditing them, let alone making licensing changes, can seem daunting.

Configuration represents another challenge. As Elliott notes, “It’s easy enough to turn these features on. But they also need to be set up and configured properly. Otherwise, you’re only as secure as your setup”. 

But perhaps more pervasive is the mindset that ‘we’re not worth attacking’. The growing sophistication of modern phishing, spear phishing, and social engineering attacks immediately disproves this way of thinking. If a hacker is able to breach a lower agency and pretend to be someone within it while sending emails from one agency to another, the potential for risk and exposure is incalculable.

By addressing these challenges and leveraging the capabilities of Microsoft Teams and Microsoft 365, organisations can enhance their security posture, fortify information protection, and implement advanced retention policies, all while bolstering their compliance.

How to upgrade from E3 to E5 licensing

Fortunately, overcoming these challenges is not only possible, but it’s proven, given the number of organisations that have done so successfully. Once you’ve committed to making the change, the next step is actually purchasing upgraded licensing—and the good news is that this process is fairly straightforward.

Typically, government in Australia has enterprise-wide or government-wide Enterprise Agreements in place with existing pricing, though this varies by state or jurisdiction. If you don’t have an existing agreement, your next step might be purchasing more licensing from a distributor or even signing a new Enterprise Agreement. In any case, Microsoft is eager to support licensing upgrades and will likely try to make the process as easy as possible. 

Once licensing is in place, the next question you’ll need to address is how to roll out your upgrades. Many of the organisations we work with find the benefits of E5 licensing compelling, but they have a lot of features they want to upgrade, and they’re wary of doing it all at once.

In this case, we often recommend incremental upgrades or staged rollouts, planned and executed according to a roadmap that’s appropriate for your circumstances.  

  • Often, we recommend starting with InTune and making sure that we’ve got Defender for Endpoints installed and operating. This ensures all of the devices connected to your network are secured and monitored. This also allows you to see if you have any endpoints with out-of-date software on them that may have vulnerabilities. 
  • Next, we typically recommend rolling out Defender for Identity to implement privileged identity management and role-based access control.
  • After that, the progression tends to be more customised. If your organisation is cloud-only, for instance, that might set you down one path. But if you’re on-prem, that might mean moving on to implementing Defender for Servers and similar features. 

According to Elliott, however, your dedication to the process is ultimately more important than whether you go all-in or do a staged rollout. “You really need to commit to it”, he states. “It might take you a year to 18 months to do it in a phased manner. But if you just decide to do one bit, and say you'll come back later and work out what's next, you're really not going to leverage the full benefit of E5 licensing”. 

Moving forward to optimise your Microsoft investment

If all of this sounds overwhelming, don’t worry. Having the right partner on your side makes it possible to minimise complexity while streamlining new implementations in order to get the most out of your Microsoft investment.

Not only does CBS have experience assessing the application architectures of large organisations and guiding them through the uplift process, but we’ve also written a substantial volume of documentation and IP around automating deployments, removing existing products, and onboarding devices onto new environments in a way that’s compliant with government standards.

To learn more about our process for uplifting Microsoft licensing from E3 to E5, contact us to speak with one of our governmental security experts or to inquire about our exclusive Security Uplift offer.

Similar Articles

VIEW ALL

What are the advantages of Microsoft Azure

Discover the advantages of Microsoft Azure: Scalability, security, cost-efficiency, and innovation. Learn how Azure enhances operations and drives digital transformation in New Zealand.

What is Security Automation?

Learn how automated security transforms cybersecurity, making it simpler and more efficient. Protect your business data with CBS New Zealand’s expert insights now!

Azure automation tools you need to know about

Discover how Azure automation tools streamline cloud management, enhance security, and optimise costs for organisations in New Zealand. Read more!

What are the effective Azure cost optimisation strategies

Maximise Azure efficiency for your New Zealand organisation. Reduce costs, optimise resources, and align spending with business goals using our expert strategies and tools!

Ultimate guide to Azure deployment process

Discover the ultimate guide to Azure deployment for Australian organisations! Learn about essential services like Azure App Service, Virtual Machines, and Kubernetes.

What are the benefits of penetration testing?

Gain confidence in your digital security with the benefits of penetration testing. Enhance cybersecurity, identify vulnerabilities, and fortify your defences with CBS New Zealand's expert insights now!

What are the advantages of Microsoft Azure

Discover the advantages of Microsoft Azure: Scalability, security, cost-efficiency, and innovation. Learn how Azure enhances operations and drives digital transformation in New Zealand.

Cybersecurity Threat Detection: Proactive strategies

Stay ahead in cybersecurity with our 2024 guide on threat detection. Learn advanced technologies & response plans to protect your business against threats with CBS New Zealand.

What are the differences between Public, Private, & Hybrid Clouds

Learn about public, private, & hybrid cloud models with CBS New Zealand's expert insights now!

Digital transformation in different industries

Discover how digital transformation is driving innovation across industries like healthcare, finance, and retail in New Zealand. Learn more.

Digital transformation in New Zealand's financial services

Discover key strategies and technologies driving digital transformation in Australia's financial services. Find out more!

How do you prevent phishing attacks?

Prevent phishing attacks with MFA, anti-phishing tools, and employee training to safeguard sensitive information and stay secure with Cannon Business Services New Zealand!