As you research your options for enterprise productivity applications you likely will come across Microsoft 365 alongside the more commonly known Office 365.
In typical Microsoft fashion, there are an array of different plans and licensing levels for each option. Deciding which is the best option can therefore take some time.
What is Microsoft 365 and how is it different from Office 365? M365 includes enterprise-specific features that you would likely purchase separately, critically several Enterprise Mobility and Security components.
For businesses at the midsize and enterprise levels, M365 seems like the clear choice. But what exactly do you get at each level of M365? And how does it compare to O365?
M365 has been around for a couple of years now and bundles not only the entirety of Office 365 but also several other key enterprise products to help you manage your employee devices and enforce your security protocols. Depending on which level you license, you get Office 365 in either Business Premium or Enterprise F1, E3, or E5, plus the following:
For large scale desktop computing, M365 seems like a no-brainer for bundling Win10 and O365 alone. But it also allows you to modernize and migrate vital functions like Active Directory, mobile device management, and security settings within the M365 Admin Center in Azure.
M365 enables you to perform Mobile Device Management (MDM) from the cloud without purchasing or administrating a local server. O365 does include Office MDM at the Enterprise level, but it is not as fully featured as Intune.
There are two main flavors of M365: Business and Enterprise, with Enterprise also having F1, E3, and E5 levels that mirror their counterparts in O365. For Microsoft 365 Business, you get a Windows 10 Pro license included for each seat. For Enterprise F1 or E3, you get a Win 10 Enterprise E3 license; and with Enterprise E5 you get a Win 10 Enterprise E5 license.
Unlike O365, M365 includes an Intune license. Microsoft Intune is an MDM platform that allows you to control mobile device policies and application policies, enforcing corporate policy around what types of apps can be installed on your assets, preventing rooting of phones, and requiring specific passwords or other security measures. You can also remotely wipe devices without affecting personal data, removing only corporate information and applications. This is a great feature for Bring Your Own Device (BYOD) scenarios.
Intune Application Protection Policy enforces specific features within an app. For your O365 apps, that might mean enforcing passwords or pin code entry in order to open a corporate datastore or mailbox.
In addition to Intune, you can use M365 to preconfigure Windows 10 and set policies for Windows Defender, Windows Update, and Windows Firewall. This limited OS management is a nice value-add, and it’s great to have it within a single portal, but it won’t replace SCCM for most enterprise computing environments, as chances are you need to manage a variety of third party apps outside of the M365 sphere.
M365 also offers more information security features than Office or Windows do alone. This includes Azure Active Directory, Azure Information Protection, Cloud App Security, Advanced Threat Analytics, and Advanced Threat Protection.
Cloud-based tools from Azure like Active Directory, Information Protection, and Advanced Threat Protection work to classify your corporate data, track it, and encrypt it, as well as identifying, detecting, and investigating threats to your enterprise IT environment. Together they offer a single point of access from the cloud security center to locate malicious activity or track down compromised systems. Active Directory, of course, is the cloud version of AD which is a longstanding ID and access management platform to control your user credentials and connections within your application environments.
Advanced Threat Analytics is an on-premise platform that can help you face down external, targeted attacks as well as internal threats from those with access to your systems.
Finally, Cloud App Security is a broker tool that controls how your users interact with and consume cloud services. It includes discovery tools to find what SaaS, IaaS, or PaaS tools are in use as well as analytics, risk assessments, and protection features for you to decide how much risk is acceptable and safeguard your enterprise data.
Now the hard part: do you really need M365 over O365? Simply put, if any of the above features sound useful to you, or if you are already licensing some of the platforms in addition to O365, you could add value with M365.
Another strong indicator that M365 might be a good fit is if you are facing IT modernization or consolidation initiatives. While it can take some effort (which Green House Data is well qualified to assist with), you’ll migrate many of your enterprise IT management tools to the cloud. Many of the advanced security features, Active Directory, and cloud-based MDM may be able to replace other third-party software platforms that you are using as well. By consolidating under a single cloud platform you’ll have easier administration.
If you aren’t sure which of Microsoft’s offerings are the best fit, drop us a line and we’d be happy to discuss your options. Microsoft has made some very interesting moves in the past few years to innovate and maintain their status as the de facto provider of enterprise IT productivity and device management. Microsoft 365 is a compelling addition to that portfolio.