Microsoft 365 Business Premium:

A comprehensive security and productivity solution for your

business
 1 Top of mind for small and medium businesses

Enable secure hybrid work with Microsoft

2 365 Business Premium
What we’ll cover:
Microsoft Defender for Business
3 with enterprise grade endpoint security

The Business case for Business Premium: Reducing

4 cost, complexity with the leader in security
Top challenges for small and medium businesses…

How can we do How can we How can we

distributed work better? maintain security? reduce our costs?

Employees working Multitude of personal Increased phishing

from multiple locations and mobile devices and ransomware
Security is top of mind for
SMB customers Nearly one in four SMBs

1 in 4 state that they had a

security breach in the
last year2

Ransomware attacks in the past Over 70% of SMBs

+300% year, with more than 50%

targeted at small businesses 1
70%
think cyber threats
are becoming
more of a business
risk2

SMBs would consider

90% hiring a new MSP if they

offered the right
cybersecurity solution2
Mission
Critical

1. Homeland Security Secretary Alejandro Mayorkas, 06 May 2021 ABC report

60%
2. Microsoft commissioned research, April 2019, US SMBs 1-300 employees
Microsoft 365 Business Premium
One solution to run your business securely, from anywhere

Collaborate in Enable secure access to Protect against Secure company

real time work apps cyberthreats and owned and personal
safeguard data devices
Collaborate in real time
Collaborate with coworkers, customers and partners

Real-time Online meetings External

teamwork from anywhere Collaboration
Real-time teamwork with Microsoft Teams
Work together in one solution for real-time communications and collaboration.

Easily access your files, chats, and apps in one single

workspace- across desktop, web and mobile

Co-author files simultaneously with popular Microsoft

365 apps- like Word, Excel, and PowerPoint.

Stay in sync and collaborate through 1:1 chat and

conversations centered around workstreams
Online meetings from anywhere
Host audio, video and web meetings with anyone within or outside your organization

Make meetings easier with meeting scheduling

assistant, screen sharing ability and collaborative
note taking as part of online meetings

Record and transcribe meetings and calls for easy

sharing and replay

Get high-quality audio, video backed by enterprise-

grade security and compliance.

Intelligent and Inclusive capabilities such as Live

captions, In-Message translation, Background blur,
Meeting recording transcriptions
External collaboration
Engage with your customers and partners to
chat, meet, call, and collaborate in one place

Easy, secure external guest access enables you to

collaborate with people outside your organization by
granting them access to existing teams and channels

Schedule a Teams meeting with anyone who has a valid

business or consumer email address.

Make & receive phone calls from anywhere with a cloud-

based phone system built in Teams.
Enable secure access from anywhere and
protect identity
Hybrid work starts with securing identity and access

Protect against lost Secure access to Enable remote

and stolen passwords work apps desktop access
Protect against lost or stolen passwords with MFA
Verify user identities with strong authentication

Including passwordless technology

Microsoft Windows FIDO2 Biometrics

Authenticator Hello security key

Multi-factor
authentication
prevents 99.9%1
We support a broad of identity attacks
range of multi-factor Push
notification
Soft
Tokens OTP
Hard
Tokens OTP
SMS,
voice
authentication options

1
Source: https://www.microsoft.com/security/blog/2019/08/20/one-simple-action-you-can-take-to-prevent-99-9-percent-of-account-attacks/ based on MSFT internal study
Secure access to work apps – with Azure Active Directory
Azure AD Premium P1 is now included with Microsoft 365 Business Premium

Enable your employees to remotely

access on-premises apps without
opening broad access to your network
with App Proxy1

Control “where, when and who”

connects to Office apps with
Conditional Access

Automatically add/remove users to

security groups and reduce IT
overhead with Dynamic Groups
Enable remote desktop
access with Windows
Virtual Desktop
Deliver the only multi-session Windows 10 experience
that’s highly scalable and stays up to date

Enable optimizations for Office

Migrate RDS desktops and apps and simplify licensing

and reduce costs

Deploy and scale in minutes. Manage with ​unified admin

interface in Azure Portal ​

Support any end-user device platform including Windows,

Android, Mac, iOS, and HTML 5
Protect against cyber threats and data loss
Defend against cyberthreats and safeguard business data

Protect users against Safeguard confidential Get visibility into

cyberthreats like phishing business data cloud app use
Protect against cyberthreats with
Microsoft Defender for Office 365

Protect against malicious links in email or Teams with real time

scanning using Microsoft Defender for Office 365 Safe Links

Get AI-powered malware scanning for attachments in email

and shared document links in Teams and OneDrive with Safe
Attachments

Defend against impersonation and spoofing

with anti-phishing

Get better protection on Windows devices against suspicious

processes like ransomware with Microsoft Defender AV
Safeguard business data with DLP
and Azure Information Protection

Prevent sharing of sensitive information like credit

card numbers using preconfigured DLP policy
templates for HIPAA, PCI_DSS, SSN etc

Control whether an email can be forwarded,

printed, or viewed by non-employees.

Control whether a document can be edited,

printed, or viewed by non-employees. You can
also revoke access.
Get visibility into cloud app use with Cloud App Discovery

Discover cloud app usage to understand

shadow IT risk

Understand the security of your cloud apps

with risk assessment for 16,000+ cloud apps

Understand usage patterns and identify high

risk users. Export data for additional analysis

Prioritize applications to bring under IT

control and integrate applications to enable
single sign-on and user management
Secure personal and company owned devices
Secure and manage the devices that access your company’s data

Manage work data on Automate deployment Secure your devices

mobile devices using Autopilot with Defender for
Business
Manage work data on mobile devices with Intune

Mobile Device Enroll devices for Provision settings,

Management (MDM) management certs, profiles

Conditional Access:
Manage access to company Report & measure device Remove corporate
owned devices. compliance data from devices
remotely

Mobile Application Publish mobile Configure and

Management (MAM) apps to users update apps

Conditional Access:
Manage which apps can be Enforce that work data Secure & remove
used to access work email or cannot be saved on corporate data within
personal apps mobile apps
files on personal devices
Example: Managing work data on personal devices

MAM policy to Email

secure work data
2
Attachment

Managed apps
OneDrive for
Business

Corporate Personal
data data
Copy Paste Save

Paste to Save to
personal app personal storage

Personal apps
OneDrive (personal)

Azure Information Protection (AIP) Separate company managed apps from Intune APP helps ensure
empowers you to specify access personal apps, and set policies on how corporate data can’t be copied
controls for work data work data is accessed from managed and pasted to personal apps
apps within the device
Automate Windows
deployment using Autopilot

Drop-ship management-ready devices

Significant cost and time savings

in OS deployment

Bypass traditional image-based deployment

Ongoing ability to do automated provisioning

of apps, configurations and user settings

Easy new device experience for end-users

Secure your devices with Microsoft Defender
for Business
Microsoft Defender for Business in Business Premium

Elevate your security

Device protection specially designed for businesses with up to 300 employees.

Enterprise-grade protection Easy to use Cost-effective

Protect your devices against
ransomware and other
cyberthreats with industry-leading
Defender technologies like
endpoint detection and response
and threat and vulnerability
management.
Get up and running quickly with easy,
wizard-based onboarding. Out-of-the
box policies and automated
investigation and remediation help
automatically protect you against the
latest threats, so you can focus on
running your business.
Security that just works without
compromising budget.
Available in two flexible plans as
part of Microsoft 365 Business
Premium, or as a standalone
solution. Protect up to 5 devices per
user, for $3 per user per month.

Microsoft Defender for Business now generally available: https://aka.ms/DefenderforBusiness​

.
Microsoft Defender for Business servers add-on now generally available: https://aka.ms/MDB-TechblogNov22
.
 Microsoft Defender for
Business is now included
in Business Premium Microsoft 365 Business Premium ($22pupm)1
Comprehensive productivity and security solution
Per user license Licensing Options

1. As standalone SKU, up to 300 users

Microsoft 365 Business Standard ($12.50)1
Office apps and services, Teams Entitlement for use on up to 5 devices

2. Included as part of Microsoft 365

Microsoft Defender Business Microsoft Defender for Business Business Premium, up to 300 users.
($3pupm)1
Microsoft Defender for Office 365 Plan 1
Enterprise-grade 3. Add-on server offering now available
endpoint security Intune
Per user license Azure AD Premium Plan 1
 Next generation protection Azure Information Protection Premium P1
 Cross-Platform support (iOS,
Exchange Online Archiving
Android, Windows, MacOS)2
 Endpoint Detection and Response Autopilot
 Threat and Vulnerability
Azure Virtual Desktop license
Management
 …and more Windows 10/11 Business

Shared Computer Activation

price is subject to change based on subscription term, currency and region

1

Add-on for server support is now available. iOS and Android security without Intune for MDB standalone now GA. Intune Plan 1 is included in Microsoft 365 Business Premium. See Documentation for detail.
1
 Defender for Business servers
add-on new available
Add-on Windows and Linux server protection
to Defender for Business or Microsoft 365
Business Premium*

Same protection for both clients and servers

1
with a single admin experience.

2 Multi-customer management with Microsoft

365 Lighthouse integration

3 $3 per server instance

Get the server add-on at https://aka.ms/DefenderforBusiness

Learn more from the https://aka.ms/MDB-TechblogNov22

*Add-on requires a minimum of one Microsoft 365 Business Premium, or Defender
New ways for partners to quickly deliver security
services
Build your own SOC Integrate with MDR

Preview:
Streaming APIs
Defender for Business now supports
streaming of device events to Event
Hubs, Azure Storage or Microsoft
Sentinel to enable advance hunting.
Defender for Business and Business
Premium 24x7 Managed Detection and
Response services for MSPs who don’t
want to build an in-house SOC.

Available today—learn more at

https://aka.ms/BlackpointMSFT

Learn more at our Inspire Blog post: https://aka.ms/SMBSecurityJulyBlog

 Monthly Security
Summary
Better understand status of security
and identify areas for improvement
across devices.

Quickly share security insights with

1
stakeholders in a simple format.

2 Identify areas to improve security.

3 See threats prevented by Defender

for Business.

Learn more from the https://aka.ms/MDB-TechBlogMarch23

*Add-on requires a minimum of one Microsoft 365 Business Premium, or Defender for Business
subscription.
 Automatic Attack
Disruption
Help stop ransomware and malware
from spreading in your business

Automatically disable or restrict devices

1
involved in an ongoing attack

2
Prevent healthy devices communicating with
compromised machines

3 Minimize damage caused by

cyberthreats.

Learn more from the documentation.

Mixed Licensing with
Defender for Business
What happens if Microsoft Defender for
Endpoint (MDE) P1/P2 exists in the same
tenant as Defender for Business?

If a tenant has both, all users and devices will

1
receive the Defender for Business experience.

2
If you want MDE P1 experience, raise a support request to
have the experience switched.

3 If you want MDE P2 experience, 100% of users must be

licensed for MDE P2 then raise a support request to have
the experience switched.

Learn more at https://aka.ms/MDB-MixedLicensing

If your organization grows beyond 300 users, it's recommended to choose an

enterprise plan that includes Defender for Endpoint for all users.
 PRE MDB WITH MDB
Microsoft Microsoft Microsoft
365 365 Defender for
Business Business Business
Premium Premium (MDB)

•
eDiscovery •
•
eDiscovery and Audits Litigation Hold •
•
Email Archiving •
•
Information Rights Management •
•
Information Protection File classification/labeling •

Defender for • •
File tracking and revocation
• •
Message Encryption
•

Business brings
Data Loss Prevention Data Loss Prevention •
• •
Data App Security
• •
Safe links

enterprise grade Email and Collaboration

Security
Safe Attachments
Anti-phishing
•
•
•
•

device security to •1 •1
Windows device setup & management
• •
Device health analytics
Device management •

Microsoft 365
Mobile Device Management •
• •
Mobile App Management
• •
Identity and Access Risk based Conditional access

Business Premium Management and Security Multi-factor authentication

Centralized management
•
•
•
• •
• •
Simplified client configuration
• •
Next-gen protection Win10
• •
Attack Surface Reduction Win101
• •
Network Protection
1
Limited. 2
Optimized for SMB. • •
Device Security Web Category blocking
3
iOS and Android security without Intune for MDB
• •
Endpoint detection and response
standalone is GA. Intune Plan 1 is included in Microsoft 365 •3 •3
Business Premium. Please see Documentation for more Cross platform support (iOS/Android/Mac)
•2 •2
detail. Automated investigation and response
• •
Threat and vulnerability
•2 •2
Threat intelligence
 Delivering endpoint security across platforms

Azure Virtual Desktop

Endpoints* Mobile device OS* Virtual desktops

1
Add-on for server support is now available. 2iOS and Android security without Intune for MDB standalone now GA. Intune Plan 1 is included in Microsoft 365 Business Premium. See Documentation for
detail.
 Microsoft Defender
for Business
Elevate your security

Threat & Vulnerability Attack Surface Next Generation Endpoint Detection Auto Investigation
Management Reduction Protection & Response & Remediation

Simplified Onboarding
APIs and Integration
and Administration
 Microsoft Defender for Business brings many E5 capabilities to SMB

Cross platform and enterprise grade Available as a standalone Defender for Supports multi-customer
protection with next-gen protection, device security solution Business server add-on viewing of security incidents
endpoint detection and response, and and as part of Microsoft is now available. with Microsoft 365 Lighthouse
threat and vulnerability management. 365 Business Premium. for partners.

Customer size < 300 seats > 300 seats

Microsoft Defender for Endpoint Microsoft Defender for Endpoint
Device security capabilities\SKU Microsoft Defender for Business
Plan 1 Plan 2
Centralized management   
Simplified Firewall and Antivirus configuration for Windows 
Threat and Vulnerability Management  
Attack Surface Reduction   
Next-Gen Protection   
Endpoint Detection and Response 1 
Automated Investigation and Remediation 1 
Threat Hunting and 6-months data retention 
Threat Analytics  1

Cross platform support for Windows, MacOS, iOS 2, and Android2 clients   
Windows server and Linux server Microsoft Defender for Business se 3 3
rvers add-on
Microsoft Threat Experts 
Partner APIs   
Microsoft 365 Lighthouse for viewing security incidents across customers 

1
Optimized for SMB. 2 iOS and Android security without Intune for MDB standalone now GA. Intune Plan 1 is included in Microsoft 365 Business Premium. 3Requires server add-on. See Documentation for detail.
DEMO and Recap:
Comprehensive collaboration and security
with Microsoft 365 Business Premium
Demo
Comprehensive security with Microsoft 365 Business Premium
Identity Security
User
Azure AD Features like MFA
Self Service Password Reset
Conditional Access
Dynamic Groups
Microsoft 365 Business Premium
Device Security
Device
10 Pro
Microsoft Defender for Business
for ransomware and malware
protection with EDR
Full Centralized Management of
Mobile and Laptops with Intune
Remote wipe of data of lost &
stolen devices
BitLocker Encryption
Enforce Strong Pin requirements
along with Wi-Fi, VPN profiles
Application Security Document Security
Application Document
Restrict copy/paste/save corp data Azure Information Protection
to personal apps using Intune App protects, classifies Documents for
Protection Policies secure sharing including in Teams
Defender for Office 365 for Revoke access to Documents
protection against malware and
zero-day attacks Track Sensitive documents
Data Loss Prevention to monitor
sensitive data from being
transmitted
Email restrictions like “Do Not
Forward” or “Encrypt Email”
Why choose
Microsoft 365 Business Premium?
Microsoft 365 Business Premium Benefits
One solution to run your business from anywhere, with peace of mind

Comprehensive and easy to use Reduces costs Enterprise grade technology

One solution for productivity and security Eliminates costs of multiple point solutions Advanced security; trusted by enterprises
Cloud platform simplifies deployment Reduces helpdesk costs AI powered threat intelligence
Gets you up and running quickly Eases licensing complexity Top rated security vendor
Microsoft’s unique vantage point on security intelligence

Windows Azure Xbox Identity Email Documents Web

1.2B+ 1B+ 65M+ 630B+ 470B+ 600B+ 18B+

Platforms Transactions

300B 2.3B 11B 12B

User activities profiled Endpoint vulnerabilities Malicious and suspicious Cloud activities inspected,
and analyzed in 2019 discovered daily messages blocked in 2019 monitored, and controlled in 2019
 Microsoft Defender for Business makes Business Premium
more complete and cost-effective

Security, Identity and Device Mgmt

Remote access solutions $5
Advanced Email protection $5
Single Sign-On $2
Microsoft 365
>$45
Conditional Access+ MFA $6
Endpoint anti-virus protection ~$3
Endpoint Detection and Response~$5 monthly cost of
$22 Business Premium
One solution to run your
Device management $4 monthly2
3rd party solutions1
business securely, from
anywhere
Collaboration and Productivity
Productivity apps and file storage $12 New! Microsoft Defender for Business
Premium customers now Generally Available in
Chat based collaboration $6.67 Microsoft 365 Business Premium

1
Estimates based on published prices ; Price subject to changes
2
Microsoft 365 Business Premium priced at $22pupm starting March 1, 2022, Price is subject to change based on subscription term, currency and region;
File Storage and Productivity apps – Google Workspace $12 (unlimited storage) Online chat-based collaboration – Slack $6.67
Single Sign On– Okta $2; Adaptive MFA (Conditional Access+ MFA) – Okta $6
Device Management - IBM MaaS 360- $4.00, Endpoint Protection: Sentinel One Complete (Antivirus with EDR) $8, Proofpoint email protection - $5
Remote Access: Windows Terminal server CAL ($199 perpetual per user; over 3 years – per month would be around $5); TeamViewer - $49 per user per month
Microsoft Security—
a Leader in 5
Gartner Magic
Access Cloud Access Enterprise
Management Security Brokers Information Archiving

Quadrant reports

*Gartner “Magic Quadrant for Access Management,” by Henrique Teixeira, Abhyuday Data, Michael Kelley, November 2021
*Gartner “Magic Quadrant for Cloud Access Security Brokers,” by Craig Lawson, Steve Riley, October 2020
*Gartner “Magic Quadrant for Enterprise Information Archiving,” by Michael Hoech, Jeff Vogel, October 2020
*Gartner “Magic Quadrant for Endpoint Protection Platforms,” by Paul Webber, Rob Smith, Prateek Bhajanka, Mark Harris, Peter Firstbrook, May 2021
*Gartner “Magic Quadrant for Unified Endpoint Management,” by Dan Wilson, Chris Silva, Tom Cipolla, August 2021

These graphics were published by Gartner, Inc. as part of larger research documents and should be evaluated in the context of the entire documents. The Gartner
documents are available upon request from Microsoft. Gartner does not endorse any vendor, product or service depicted in its research publications, and does not
advise technology users to select only those vendors with the highest ratings or other designation. Gartner research publications consist of the opinions of Gartner’s Endpoint Unified Endpoint
research organization and should not be construed as statements of fact. Gartner disclaims all warranties, express or implied, with respect to this research, including
any warranties of merchantability or fitness for a particular purpose. GARTNER is a registered trademark and service mark of Gartner, Inc. and/or its affiliates in the Protection Platforms Management
U.S. and internationally, and is used herein with permission. All rights reserved.
Microsoft named a
Leader in IDC MarketScape
for Modern Endpoint
Security for Enterprise and
Small and Midsize
Businesses

IDC MarketScape: Worldwide Modern Endpoint Security for Small and Midsize Businesses
2021 Vendor Assessmenthttps://idcdocserv.com/US48304721
IDC MarketScape vendor analysis model is designed to provide an overview of the competitive
fitness of information and communication technology (ICT) suppliers in a given market. The
research methodology utilizes a rigorous scoring methodology based on both qualitative and
quantitative criteria that results in a single graphical illustration of each vendor’s position
within a given market. The Capabilities score measures vendor product, go-to-market, and
business execution in the short term. The Strategy score measures alignment of vendor
strategies with customer requirements in a three to five-year timeframe. Vendor market share
is represented by the size of the icons.

Microsoft named a Leader in IDC MarketScape for Modern Endpoint Security for Enter
prise and Small and Midsize Businesses - Microsoft Security Blog
 Market Share leader in corporate endpoint security

IDC ranks Microsoft #1 in WW Corporate Endpoint Security 2022 Market Share

“…Microsoft has the highest market share at

18.9% in 2022 with a market share increase of
7.2 percentage points over 2021.”

Source: IDC, Worldwide Corporate Endpoint Security Market Shares, 2022: Pace of Growth Accelerated Through 2022, doc #US49349323, June 2023
Microsoft Defender
consistently rated top AV

1 AV-TEST: Protection score of 6.0/6.0

in the latest test

AV-Comparatives: Protection rating of

2
99.7% in the latest test

3 SE Labs: AAA award in the latest test

4 MITRE: Industry-leading optics and

detection capabilities

https://docs.microsoft.com/en-us/windows/security/threat-protection/intelligence/top-scori
ng-industry-antivirus-tests
Customer example:
Howden Insurance

“After this migration, we won’t have any more sleepless nights

worrying about our vulnerabilities and outdated systems,”…
”This migration and upgrade to Microsoft 365 has given us a
competitive edge.”
—Chhaya Mishra, Head of Technology at Howden India

”Having a best-in-class platform like Microsoft 365 addresses

multiple challenges in one go, something that was missing
earlier. Today, I can say that we have all the tools in place for
significantly improving business productivity and collaboration
while providing a much higher level of security.”
—Praveen Vashishta, Chairman and CEO at Howden India

Howden Insurance Brokers India | Read more at aka.ms/HowdenInsuranceBrokers

Next steps
Get started on your M365BP journey:
Get started with a free security assessment:

Video: Top 5 Benefits of Microsoft 365 Business Premium

https://aka.ms/M365BPvideo

Learn more about the product:

https://aka.ms/M365Bweb
© Copyright Microsoft Corporation. All rights reserved.