When it comes to managing a small or medium-sized organization, Microsoft 365 Business Premium provides a solid foundation for productivity and collaboration. However, even with Business Premium, advanced threats such as phishing, identity theft, and compliance risks can put your organization at risk. To address these challenges, Microsoft has introduced new security and compliance add-ons for Business Premium at an affordable price. Let’s explore how these add-ons can help organizations stay safe and secure.
What are the New Security and Compliance Add-ons for Microsoft 365 Business Premium?
With a Microsoft 365 Business Premium license, you can now add the following add-ons to strengthen security and simplify compliance for your organization.
Let’s delve into these new security and compliance add-ons for Microsoft 365 Business Premium subscription and explore their key features.
1. Microsoft Defender Suite at $10/user/month for Business Premium
The Microsoft Defender Suite delivers end-to-end security to help small business defend against evolving identity attacks, device threats, phishing emails, and risky cloud apps. It strengthens your organization’s security through the following key plans.
| Plans and Features | Capabilities |
| Microsoft Entra ID P2 | Microsoft Entra Protection delivers risk-based conditional access policies to secure users and sign-ins and provides real-time alerts with detailed reports to quickly flag threats like password spray attacks. At the same time, Microsoft Entra ID Governance simplifies access management and automates admin tasks like user onboarding and offboarding, ensuring the right access for every user. |
| Microsoft Defender for Identity | This works hand-in-hand with Microsoft Defender XDR and includes special sensors to monitor identity-related activities. It helps detect, investigate, and stop advanced identity threats before they cause damage. Its Identity Threat Detection and Response (ITDR) system uses real-time analytics to detect suspicious activity, respond automatically, and help secure compromised accounts. |
| Microsoft Defender for Endpoint Plan 2 | This plan keeps devices safe with endpoint detection and response (EDR) by detecting threats, auto-investigating issues, and applying fixes. It enables you to enforce device-based conditional access to allow only trusted devices, which reduces the potential attack surfaces. Along with this, it includes Microsoft Secure Score for Devices to show network health, flag unprotected devices, and suggest improvements. |
| Microsoft Defender for Office 365 P2 | This plan helps protect your email collaboration and users to recognize and handle cyber threats. It enables you to perform attack simulation training for users on real world cyber-attacks to educate users about evolving attack methods and prevention steps. Its automated investigation and response features provide the capabilities to detect risky URL clicks, monitor external email distribution, and review email activity to improve your organization’s email security posture. |
| Microsoft Defender for Cloud Apps | This is an AI-powered SaaS security solution that protects your cloud applications. It monitors cloud app usage, identifies risky or misconfigured apps, and provides actionable guidance to remediate security gaps. It helps discover shadow IT and manage unauthorized or unmanaged apps. It also detects OAuth-based attacks, protects app-to-app data, and supports information protection and compliance. |
2. Microsoft Purview Suite at $10/user/month for Business Premium
The Microsoft Purview Suite helps SMBs manage compliance, protect sensitive data, and operate with the same level of security as large enterprises. It simplifies data governance and keeps your business information safe with the following capabilities.
| Solutions | Capabilities |
| Microsoft Purview Insider Risk Management | This helps detect potential internal risks such as data leaks, intellectual property theft, policy violations, and more. It allows you to create Insider Risk Management policies using built-in policy templates such as data leaks, risky AI usage, security policy violations, and more to help identify and mitigate potential insider risks within your organization. |
| Microsoft Purview Information Protection | This solution enables you to discover, classify, and protect sensitive information across email, SharePoint, OneDrive, and Teams. It allows you to classify and protect your organization’s data using sensitivity labels, retention policies, and built-in classifiers. For example, you can set auto-labelling policies to detect confidential files and apply sensitivity labels to keep data safe wherever it goes. |
| Microsoft Purview Data Loss Prevention (DLP) | Microsoft Purview allows you to implement data loss prevention by defining and applying DLP policies. This helps you identify, monitor, and automatically protect sensitive data-at-rest, in motion, and in use. DLP works with Microsoft Information Protection to recognize sensitive data via labels. It prevents unauthorized sharing by showing policy tips, blocking actions, and logging events in the alerts dashboard. |
| Microsoft Purview Message Encryption | Message Encryption allows your organization to send and receive protected emails across providers like Outlook, Gmail, Yahoo, and other email providers, ensuring only the intended recipient can read them. You can apply encryption with options using Encrypt-Only or Do Not Forward, or automatically through mail flow rules to keep sensitive emails and attachments secure. |
| Microsoft Purview Customer Key | Customer Key adds extra protection by letting your organization control the encryption keys, even though Microsoft 365 data is encrypted by default, going beyond BitLocker and server-side encryption. This helps you meet compliance requirements and maintain ownership of sensitive data across Exchange, SharePoint, OneDrive, and Teams. |
| Microsoft Purview Communication Compliance | This is an insider risk prevention solution that helps you detect and act on inappropriate or risky messages, such as data leaks, harassment, or policy violations. It flags issues like profanity, inappropriate images, and more, making it easier to address potential risks before they escalate. It works across Microsoft apps and popular third-party platforms, ensuring safe and compliant communication while respecting user privacy. |
| Microsoft Purview Records and Data Lifecycle Management | This feature lets you set policies to retain important data as needed and securely delete it when no longer required. It retains or deletes email messages, preserves mailbox content, expands storage when needed, and safeguards against accidental or unauthorized deletion to keep critical business records available and compliant. |
| Microsoft Purview eDiscovery (Premium) | eDiscovery Premium helps you find, preserve, and review data across Exchange Online, OneDrive for Business, Microsoft Teams, and more, making legal investigations and compliance easier. It also uses role-based permission to ensure only the right people have access. It allows you to locate and analyse data directly at its source without moving it outside the Microsoft 365 environment. |
| Microsoft Purview Audit (Premium) | With Audit Premium, you get deeper visibility into activities across Microsoft 365 with log retention of up to 1 year and extended audit log retention up to 10 years with an additional license add-on. You can create custom policies to retain specific activities, such as user actions or events in services like Exchange Online and SharePoint Online. It helps your organization investigate incidents, meet compliance needs, and strengthen security beyond the standard audit features. |
3. Get Microsoft Defender and Purview Suite for Business Premium at $15/user/month
This add-on combines the capabilities of both Defender and Purview Suites into a single, cost-effective solution. It provides email security, compliance, data protection, identity protection, device management, and more, giving organizations enterprise-grade protection in one add-on.
By bundling these solutions, you can save significantly compared to buying individual licenses. The combined value of these standalone licenses exceeds $47.20/user/month. With Microsoft Defender and Purview Suites included in Business Premium, organizations pay only $15/user/month, resulting in approximately 68% savings while enhancing overall security and compliance.
Key Things to Know!
- These new add-ons for Microsoft 365 Business Premium will be available starting in September 2025.
- You can purchase these add-ons through the Microsoft Security for SMBs website or via your Microsoft Partner.
- You can purchase a mix of add-ons, with a maximum of 300 users and a minimum of 1 user.
- Mixed licensing is not supported and if both Defender for Business (included in Business Premium) and Defender for Endpoint Plan 2 exist in the same tenant, all users will default to Defender for Business.
- For partners or customers building a SOC with MDR, Defender for Business can stream device events (file, registry, network, logon, and more) to Azure Event Hub, Azure Storage, or Microsoft Sentinel for advanced hunting and attack detection.
With these three new security and compliance add-ons for Microsoft 365 Business Premium, your organization gains enterprise-grade protection and compliance in a cost-effective package. These add-ons help safeguard data, identities, and communications while staying ahead of potential risks. Take the next step today and simplify your security and protect your business with confidence.
