Microsoft 365 Standard or Premium? What is the best plan for your business and is it worth the upgrade? A question we get asked on a regular basis.

As is usual with Microsoft, is not the easiest question to answer because you have to do a lot of research to find out the differences in the two plans. So let me try to answer that question and then give you our option on whether it is worth the extra cost.

First of all, for those that don’t know. Microsoft 365 is the new name for Office 365 and the subscription offering has changed! Let us start by what you get from both licence plans and then we will look at the differences.

Microsoft 365 Business Standard and Premium will give you more than enough functionality to run your business.

You will get the following:

  • The full Microsoft Office desktop apps – Outlook, Word, Excell, PowerPoint, Teams, Sharepoint, OneDrive and Exchange.
  • Security and Compliance – Spam filtering, Security groups and password policies.

With M365 Business Premium you get the additional features:

  • Advanced threat protection
  • Compliance
  • PC and mobile device management

When you look at the additional features for an additional £5.70 per user per month it doesn’t look very much. However, this is where it gets really interesting and worth a deep dive into each section so you get the full picture.

Advanced Threat Protection

This feature helps your business guard against the sophisticated phishing and ransomware attacks that have been cleverly designed to trick your employees to click on a link. Once that link has been clicked, they have you. ATP works by scanning all incoming messages using AI (Artificial Intelligence) powered analysis to detect and discard any email that is found to be dangerous to your business.

It also automatically checks and embedded web links to see if they are part of any phishing scheme. This is designed to keep you safe from accessing any dodgy website. This is not infallible but certainly helps to reduce the chance of a successful attack.

Additional Security Features

  • Using Microsoft Intune, you will get added security for the management of your desktop PC/Laptops and your mobile estate. In addition, you get what Microsoft call Conditional Access, this will give you the following features:
  • Access based on username, group and role
  • Access based on the app you are using
  • Access based on your location and only allow access from devices and specific countries
  • Multi-factor authentication (MFA) – An additional layer of security, not relying on your user password. Normally a text to your mobile for authentication.
  • Block access to apps that use legacy authentication
  • Require all apps to use Intune app protection
  • You can also use third-party MFA for trusted providers

Data Loss Prevention (DLP)

You can set DLP policies to automatically detect sensitive company information (i.e. credit cards, personal information etc) in files and documents and block this information from leaving the business. Great for GDPR compliance.

Sensitivity Labeling

Using Azure Information Protection, you can now control access to sensitive information in emails and documents with controls like ‘do not copy’ or ‘do not forward. You can add certain classifications to documents like ‘confidential’ and specify what documents can be shared outside of your organisation. Enterprise-grade encryption is included to further ensure your intellectual property (IP) stays within your business.

Microsoft 365 Standard or Premium? And is it worth the extra cost?

Yes, we fundamentally believe that the additional cost is worth the money.

We can justify that statement by looking at the individual cost for each additional element of Microsoft Premium. If you take the Multifactor authentication, then an average monthly cost would be around £3.00 – £3.50per user. Data Loss Prevention software alone would be around £4.50 per user and not really available under a 100 user businesses. So, those two stand-alone products alone would cost you at least £7.50 per month per user. And that is before we start adding Mobile Device Management and Advanced Threat Protection.

Now I am not suggesting for a moment that those Microsoft services I have mentioned are going to be as comprehensive as a stand-alone package. However, they will give you a very good level of protection and in this day and age that is all a business can be expected to provide. It is certainly enough to cover your GDPR requirements and set you up nicely if you are looking to get Cyber Essentials Plus accreditation.

However, as always there is a caveat. If you are a small business, then you may not be able to make a business case for the additional spend and may not see the value. This is fine, the M365 Standard will give you enough functionality. But, for most businesses, I think the additional cost is well worth the money. Especially when you look at the number of cyber-attacks and new rules around GDPR and compliance.

For more information get in touch at