A brief guide to the security benefits of Microsoft 365 E5

With Microsoft’s premium, enterprise-level 365 E5 licence, organisations have access to a wealth of services and features including Exchange Online, SharePoint Online, Skype for Business, Teams, Power BI Pro and Audio Conferencing. This is the highest-level plan that our partner offers (with even more functions than the E3 licence), and as such includes more tools and features than any of their other plans.

Unsurprisingly, it’s also the most costly of Microsoft’s plans, so you’ll want to gain as much value from it as possible.

Security comes first

Security is a top priority and so the E5 licence includes plenty of advanced security features to help businesses improve their security posture. Together, they cover the full breadth of your IT estate.

Among these are:

• Defence against zero-day attacks and spear phishing, using machine learning to detect and block malicious activity
• Advanced identity and access management capabilities, including multi-factor authentication (MFA), self-service password reset and single sign-on (SSO)
• Endpoint protection by identifying, detecting and responding to advanced threats on a wide range of devices
• Behavioural analytics and anomaly detection
• Automatic analysis of IT infrastructure for suspected breaches
• Cloud apps security to help businesses monitor and protect their data in cloud apps by providing visibility into the apps that their employees use and the data they access.

E5 includes the full Microsoft Defender suite:

• Microsoft Defender for Cloud Apps
• Microsoft Defender for Endpoint
• Microsoft Defender for Identity
• Microsoft Defender for Office 365.

Tracking, monitoring, detecting and responding

As expected, these tools are integrated, so together they defend the entire IT environment every minute of the day. And Microsoft continuously updates its suite to stay ahead of adversaries. The company invests $1 billion a year into cyber security and this includes considerable expenditure on researching, tracking and analysing cyber threats and cybercriminals’ evolving tactics, techniques and procedures (TTPs). It then feeds its findings back round to improve its products.

The tools detect anomalous behaviour in a network to reduce the chances of a breach from outside or malicious insiders causing damage or stealing data. Tools also encrypt critical files, track who accesses which information, where and when, restrict the oversharing of documents and inform administrators if any confidential information is accessed. Furthermore, continuous monitoring flags up potentially suspicious documents, which are automatically reported.

Today, every IT vendor acknowledges that software and systems have vulnerabilities, so E5 also provides customers with the use of attack simulators and vulnerability assessment, checking for any known weaknesses and threat actors that might be trying to exploit them.

Human-led cyber security

However, even equipped with Microsoft’s security tools, organisations still need trained cyber security professionals who know how to use them to their full potential. Cybercriminals are constantly working on new ways to evade defences and breach IT systems. That’s why Quorum Cyber’s Managed XDR service combines human creativity and ingenuity to maximise the full capabilities of the tools available in your E5 licence.

Every organisation is advised to take a multi-pronged approach to security including employee training in cyber security awareness and phishing techniques, and adopting a zero trust approach. It’s also good practice to put a carefully-considered incident response strategy in place to prepare as well as possible for the worst-case scenario of a cyber breach.