Microsoft 365 E5 Security is now available as an add-on to Microsoft 365 Business Premium
The threat landscape continues to evolve creating ongoing challenges for small and medium businesses (SMBs) that are faced with increased regulations and cyberinsurance requirements. Today, Microsoft 365 Business Premium delivers core security solutions to SMBs that help safeguard data, defend against cyberthreats, and manage access and devices. With the growing volume of attacks and increased sophistication of threats, there are SMBs that want enhanced cybersecurity protection for their business. We are pleased to announce that Business Premium customers are now able to purchase Microsoft 365 E5 Security as an add-on to further enhance their security. E5 Security brings new security value on top of Business Premium with Microsoft Entra ID Plan 2, Microsoft Defender for Identity, Microsoft Defender for Endpoint Plan 2, Microsoft Defender for Office 365 Plan 2, and Microsoft Defender for Cloud Apps. (ENHANCED) Identity and access controls Business Premium includes Microsoft Entra ID P1, which provides single sign-on, multi-factor authentication (MFA), and conditional access to help SMBs manage user identities and enable access to applications and resources from trusted users, devices, and locations. Microsoft Entra ID P2 offers advanced security and governance features including Microsoft Entra ID Protection and Microsoft Entra ID Governance. Microsoft Entra ID protection offers risk-based conditional access that helps block identity attacks in real time using behavioral analytics and signals from both user risk and sign-in risk. It also enables SMBs to detect, investigate, and remediate potential identity-based risks using sophisticated machine learning and anomaly detection capabilities. With detailed reports and alerts, your business is notified of suspicious user activities and sign-in attempts, including scenarios like a password-spray where attackers try to gain unauthorized access to company employee accounts by trying a small number of commonly used passwords across many different accounts. ID Governance capabilities are also included to help automate workflows and processes that give users access to resources. For example, IT admins historically manage the onboarding process manually and generate repetitive user access requests for Managers to review which is time consuming and inefficient. With ID Governance capabilities, pre-configured workflows facilitate the automation of employee onboarding, user access, and lifecycle management throughout their employment, streamlining the process and reducing onboarding time. (NEW) Extended Detection and Response (XDR) Microsoft Defender XDR delivers a unified and efficient approach to incident-level visibility across the attack lifecycle. Together XDR and exposure management (XSPM) consolidate multiple siloed security solutions to provide best-of-breed capabilities across identities, endpoints, apps, and email. (NEW) Identity threat detection and response (ITDR) Identities are one of the most common attack vectors making identity-specific threat detection and response a critical element to secure your business. Microsoft Defender for Identity includes dedicated sensors and connectors for common identity elements that offer visibility into your unique identity landscape and provide detailed posture recommendations, robust detections and response actions. These powerful detections are then automatically enriched and correlated with data from other domains across Defender XDR for true incident-level visibility. (ENHANCED) Device security Microsoft Defender for Business (MDB) already brings enterprise-grade device protection capabilities to Business Premium customers across Windows, MacOS, iOS, and Android devices. It includes vulnerability management, next-generation antivirus protection, AI-powered endpoint detection and response with automatic attack disruption, and automated investigation and remediation. With streaming APIs, customers and partners can build Managed Detection and Response (MDR) services with Defender for Business. For customers who need advanced hunting, Microsoft Defender for Endpoint P2 adds advanced hunting, and 6 months of data retention on the device, along with endpoint security for IoT devices. (ENHANCED) Email and Collaboration security Microsoft Defender for Office 365 P1 in Business Premium includes SafeLinks with time of click URL filtering, safe attachments with real-time attachment scanning in sandbox, and phishing and malware defense across email, Microsoft Teams, OneDrive and SharePoint. It also has AI-powered LLM-based threat protection with 99.995% attacker intent detection accuracy. With Defender for Office 365 P2, you gain access to cyber-attack simulation training, which provides SMBs with a safe and controlled environment to simulate real-world cyber-attacks, helping to train employees in recognizing phishing attempts. Additionally automated response capabilities and post-breach investigations help reduce the time and resources required to identify and remediate potential security breaches. Detailed reports are also available that capture information on employees’ URL clicks, internal and external email distribution, and more. (NEW) Software-as-a-service (SaaS) security Microsoft Defender for Cloud Apps is a comprehensive, AI-powered software-as-a-service (SaaS) security solution that enables IT teams to identify and manage shadow IT and ensure that only approved applications are used. It protects against sophisticated SaaS-based attacks, OAuth attacks, and risky interactions with GenAI apps by combing SaaS app discovery, security posture management, app-to-app protection, and integrated threat protection. IT teams can gain full visibility into their SaaS app landscape, understand the risks and set up controls to manage the apps. SaaS security posture management quickly identifies app misconfigurations and provides remediation actions to reduce the attack surface. E5 Security delivers added protection to meet the growing needs of SMBs in a package that is cost-effective. Purchasing E5 Security has 57% savings when compared to the cost of separately purchasing the individual products that are included. FAQ When will E5 Security be available for purchase? E5 Security is available for purchase as an add-on to Business Premium starting today, 3/6. How can I purchase E5 Security? You can purchase E5 Security as an add-on to Business Premium through Microsoft Security for SMBs website or through your Partner. Does Microsoft 365 Business Premium plus Microsoft 365 E5 Security allow mixed licensing for endpoint security solutions? Microsoft Defender for Business does not support mixed licensing so a tenant with Defender for Business (included in Microsoft 365 Business Premium) along with Defender for Endpoint Plan 2 (included in Microsoft 365 Security) will default to Defender for Business. For example, if you have 80 users licensed for Microsoft 365 Business Premium and you’ve added Microsoft 365 E5 Security for 30 of those users, the experience for all users will default to Defender for Business. If you would like to change that to the Defender for Endpoint Plan 2 experience, you should license all users for Defender for Endpoint Plan 2 (either through standalone or Microsoft 365 E5 Security) and then contact Microsoft Support to request the switch for your tenant. You can learn more here. What are the differences between Microsoft Defender for Business and Microsoft Defender for Endpoint P2? MDB includes many of the same features as MDE P2, including enterprise-grade device protection for Windows, MacOS, iOS, and Android devices, vulnerability management, next-generation antivirus protection, AI-powered endpoint detection and response with automatic attack disruption, and automated investigation and remediation. MDE P2 adds endpoint security for IoT devices, threat hunting, and 6 months of data retention on the device. A detailed comparison is available here. As a Partner, how do I build Managed Detection and Response (MDR) services with MDB? For partners or customers looking to build their own security operations center (SOC) with MDR, Defender for Business supports the streaming of device events (device file, registry, network, logon events and more) to Azure Event Hub, Azure Storage, and Microsoft Sentinel to support advanced hunting and attack detection. If you are using the streaming API for the first time, you can find step-by-step instructions in the Microsoft 365 Streaming API Guide on configuring the Microsoft 365 Streaming API to stream events to your Azure Event Hubs or to your Azure Storage Account. To learn more about Microsoft Security solutions for SMBs you can visit our website. Partners can access training resources, customer decks and deployment checklists from our Business Premium Partner Playbook and find additional resources for Microsoft Security for Partners.
Importing a Baseline to Microsoft 365 Lighthouse
If you must import a Security Baseline into Microsoft 365 Lighthouse, what sources can you use? I know you can use the Security Compliance Toolkit (SCT). Still, I am thinking more along the lines of where else in the Azure Tenant and specific services can you export Security Baselines (or Policies) for import into Microsoft 365 Lighthouse?Empowering tomorrow with DORA today: prepare for January 17 security regulations
The Digital Operational Resilience Act (DORA) went into effect on January 17, 2025. DORA is a set of financial services regulations passed by the European Union (EU) that impacts financial entities organized or operating in the EU, as well as technology companies that provide “information and communication technology (ICT) services” to them. Microsoft is dedicated to supporting our partners and customers in the EU and beyond as they navigate the complexities of these new regulations. As the financial sector becomes increasingly dependent on technology to operate, it has become clear that robust ICT risk management practices are implemented to ensure operational resiliency of critical infrastructure. DORA emphasizes the following key areas: ICT risk management: Institutions must implement advanced systems to identify, assess, and mitigate ICT risks. Incident reporting: Real-time incident management systems are required to notify regulators promptly. Resilience testing: Organizations must conduct regular testing to ensure digital infrastructures can withstand significant disruptions. Third-party oversight: Financial institutions must ensure robust governance of their critical ICT service providers. Regulatory Supervision: European Supervisory Authorities will designate ICT third-party services providers who are deemed “critical” to the financial services industry, based on data inputted from financial entities that use such third parties to serve critical important functions of their business operations, i.e., the critical backbone of the financial services industry. Microsoft is preparing for and expects to be designated as a critical third-party, sometime approximately in October 2025 or later. DORA also brings increased scrutiny from financial supervisory authorities and requirements for third-party ICT providers. Microsoft has developed the resources your organization needs to understand and meet these new mandates. Go to our DORA landing page to discover what DORA might mean for your organization, how you might get and remain compliant, and how to guide your financial services customers on their compliance journey. Learn more about DORAFree Windows Server 2025 Security Advice Book
Windows Server 2025 introduces a suite of new and enhanced security features tailored to tackle modern threats across on-premises, hybrid, and cloud environments. Microsoft has just published a new Windows Server 2025 Security Advice book that you should download and read. For those responsible for Windows Server security in enterprise environments, this document is a technical roadmap for understanding the depth of protection now embedded in Windows Server. Here's an overview of what you can find in the document: System Hardening and Baselines A detailed breakdown of security baselines in Windows Server 2025 explains how to achieve compliance with standards like the CIS Benchmark and DISA STIG. It walks through deploying the baseline across the system lifecycle, leveraging tools like PowerShell and OSConfig. This section is invaluable for those who need to balance security requirements with system performance and compatibility. Credential Protection and Application Control The document provides a technical overview of how virtualization-based security (VBS) isolates sensitive credentials, along with insights on application control using Windows Defender. Advanced policies for application control are discussed in a way that shows how to tailor security to fit specific organizational needs, especially useful for environments where sensitive data and high trust levels are involved. Silicon-Assisted Security Innovations An explanation of the Secured-Core Server functionality that leverage hardware-based protections like TPM 2.0, Dynamic Root of Trust Measurement (DRTM), and memory integrity checks. The document explains how these components protect against increasingly sophisticated firmware and supply chain attacks. Operational Security and Continuous Monitoring The document demonstrates how to set up continuous monitoring, drift protection, and hybrid infrastructure management. IT professionals will appreciate the step-by-step guidance on implementing real-time security baselines and alerts, which are crucial for environments requiring high availability and fast incident response. Workload Security for Virtual Machines and Containers The document covers security enhancements specifically for virtualized environments. New virtual machine options, such as Secure Boot on Generation 2 VMs and workload monitoring through Microsoft Defender for Cloud, are explained in detail, helping admins understand how these features support integrity and compliance in virtualized setups. Enhanced Network Security with Micro-Segmentation A thorough section on Software Defined Networking (SDN) and Network Security Groups (NSGs) details how to implement micro-segmentation and enforce network isolation policies. This provides a foundation for reducing lateral movement risks. Advanced Compliance and Threat Detection The document covers **Microsoft Sentinel** integration, showing how security alerts from Defender for Cloud can feed into Sentinel for unified threat detection and incident management. Access the Windows Server 2025 Security Advice book. [Link Fixed, 5 Feb 2025]Drive demand for your offers with solution area campaigns in a box
Take your marketing campaigns further with campaigns in a box (CiaBs), collections of partner-ready, high-quality marketing assets designed to deepen customer engagement, simplify your marketing efforts, and grow revenue. Microsoft offers both new and refreshed campaigns for the following solution areas: Data & AI (Azure), Modern Work, Business Applications, Digital & App Innovation (Azure), Infrastructure (Azure), and Security. Check out the latest CiaBs below and get started today by visiting the Partner Marketing Center, where you’ll find resources such as step-by-step execution guides, customizable nurture tactics, and assets including presentations, e-books, infographics, and more. Era of AI Generate interest in AI adoption among your customers. As AI technology grabs headlines and captures imaginations, use this campaign to illustrate your audience’s unique opportunity to harness the power of AI to deliver value faster. Learn more about the campaign: Era of AI: Show audiences how to take advantage of the potential of AI to drive business value and showcase the usefulness of Microsoft AI solutions delivered and tailored by your organization. Data & AI (Azure) Our Data & AI campaigns demonstrate how your customers can win customers with AI-enabled differentiation. Show how they can transform their businesses with generative AI, a unified data estate, and solutions like Microsoft Fabric, Microsoft Power BI, and Azure Databricks. Campaigns include: Innovate with the Azure AI Platform: Help your customers understand the potential of generative AI solutions to differentiate themselves in the market—and inspire them to build GenAI solutions with Azure AI Platform. Unify Your Intelligent Data and Analytics Platform - ENT: Show enterprise audiences how unifying data and analytics on an open foundation can help streamline data transformation and business intelligence. Unify Your Intelligent Data and Analytics Platform - SMB: Create awareness and urgency for SMBs to adopt Microsoft Fabric as the AI-powered, unified data platform that will suit their analytics needs. Modern Work Our Modern Work campaigns help current and potential customers understand how they can effectively transform their businesses with AI capabilities. Campaigns include: Microsoft 365 Copilot SMB: Increase your audience's understanding of the larger potential of Microsoft 365 Copilot and how AI capabilities can accelerate growth and transform operations. Smart Workplace with Teams: Use this campaign to show your customers how to use AI to unlock smarter communication and collaboration with Microsoft Teams and Microsoft 365 Copilot. This campaign demonstrates to customers how you can help them seamlessly integrate meetings, calls, chat, and collaboration to break down silos, gain deeper insights, and focus on the work that matters. Cloud Endpoints: Help customers bring virtualized applications to the cloud by providing secure AI-powered productivity and development on any device with Microsoft Intune Suite and Windows in the cloud solutions. Business Applications Nurture interest with audiences ready to modernize and transform their business operations with these BizApps go-to-market resources. Campaigns include: Migrate and Modernize Your ERP with Microsoft Dynamics 365: Position yourself as the right partner to modernize or replace your customers' legacy on-premises ERP systems with a Copilot-powered ERP. Business Central for SMB: Offer customers Microsoft Dynamics 365, a comprehensive business management solution that connects finance, sales, service, and operations teams with a single application to boost productivity and improve decision-making. AI-Powered CRM: Help your customers enhance their customer experiences and close more deals with Microsoft 365 Sales by making data AI-ready, which empowers them to create effective marketing content with Microsoft 365 Copilot and pass qualified leads on to sales teams. Use this campaign to show audiences how Copilot and AI can supercharge their CRM to increase productivity and efficiency, ultimately leading to better customer outcomes. Modernize at scale with AI and Microsoft Power Platform: This campaign is designed to introduce the business values unlocked with Microsoft Power Platform, show how low-code solutions can accelerate development and drive productivity, and position your company as a valuable asset in the deployment of these solutions. Digital & App Innovation (Azure)Position yourself as the strategic AI partner of choice and empower your customers to grow their businesses by helping them gain agility and build new AI applications faster with intelligent experiences. Campaigns include: Build and Modernize AI Apps: Help customers building new AI-infused applications and modernizing their application estate take advantage of the Azure AI application platform. Accelerate Developer Productivity: Help customers reimagine the developer experience with the world’s most-adopted AI-powered platform. Use this campaign to show customers how you can use Microsoft and GitHub tools to help streamline workflows, collaborate better, and deliver intelligent apps faster https://partner.microsoft.com/asset/collection/accelerate-developer-productivity Infrastructure (Azure) Help customers tap into the cloud to expand capabilities and boost their return on investment by transforming their digital operations. Campaigns include: Migrate VMware Workloads to Azure: Help customers capitalize on the partnership between VMware and Microsoft so they can migrate VMware workloads to Azure in an efficient and cost-effective manner. Migrate and Secure Windows Server and SQL Server to Azure - ENT: Showcase the high return on investment (ROI) of using an adaptive cloud purpose-built for AI workloads, and help customers understand the value of migrating to Azure at their own pace. Modernize SAP on the Microsoft Cloud: Reach SAP customers before the 2027 end-of-support deadline for SAP S/4HANA to show them the importance of having a plan to migrate to the cloud. This campaign also underscores the value of moving to Microsoft Azure in the era of AI. Migrate and Secure Windows Server and SQL Server and Linux Estate - SMB: Use this campaign to increase understanding of the value gained by migrating from an on-premises environment to a hybrid or cloud environment. Show small and medium-sized businesses that they can grow their business, save money, improve security, and more when they move their workload from Windows Server, SQL Server, and Linux to Microsoft Azure. Security Demonstrate the power of modern security solutions and help customers understand the importance of robust cybersecurity in today’s landscape. Campaigns include: Defend Against Cybersecurity Threats: Increase your audience's understanding of the powerful, AI-driven Microsoft unified security platform, which integrates Microsoft Sentinel, Defender XDR, Security Exposure Management, Security Copilot, and Microsoft Threat Intelligence. Data Security: Show customers how Microsoft Purview can help fortify data security in a world facing increasing cybersecurity threats. Modernize Security Operations: Use this campaign to sell Microsoft Sentinel, an industry-leading cloud-native SIEM that can help your customers stay protected and scale their security operations.
