What is Microsoft Enterprise Mobility + Security (EMS)?
Microsoft Enterprise Mobility + Security (EMS) is an intelligent mobility management and security platform. What this means is that EMS helps protect and secure your organization with its products that act to increase security features of Windows 10 and Microsoft 365.
How do I get EMS?
Microsoft EMS can be purchased as a standalone product. EMS E3 is $8.80 USD/user/month while EMS E5 is $14.80 USD/user/month. A more detailed comparison can be found in the tables below which gives a breakdown on what applications and features are found in EMS E3 and EMS E5 to help you understand which subscription is best suited for your organization’s needs.
An alternative is to purchase a Microsoft 365 enterprise subscription – Microsoft 365 E3 or E5 which comes with Microsoft EMS. The Microsoft 365 Enterprise E3 and E5 solutions offer not only EMS, but Microsoft 365 Apps, unlimited OneDrive storage for subscriptions with 5 or more users, Microsoft Teams, and numerous other tools like Power Automate and Power Apps. The Microsoft 365 E3 plan is $32 USD/user/month and the Microsoft 365 E5 plan is $57 USD/user/month- both great prices for its offerings.
It is important to note that Office 365 E3 and E5 are other enterprise plans that Microsoft offers besides Microsoft 365 E3 and E5. However, the Office 365 E3 and E5 plans do not come with EMS unlike Microsoft 365 E3 and E5 and so EMS has to be purchased individually and added on to the Office 365 E3 and E5 plans.
The main difference between Office 365 E3 + EMS E3 and Microsoft 365 E3 would be that the Office 365 E3 + EMS E3 would not include Windows 10 Enterprise E3 which Microsoft 365 E3 has. Windows 10 gives your organization advanced security, deployment methods, compatibility methods and productivity features. Similarily with Office 365 E5 + EMS E5 and Microsoft 365 E5, the Office 365 plan doesn’t include the Windows 10 Enterprise E5 plan. Price wise Microsoft 365 E3/E5 plans would have the best deal if you wish to have Office 365 Enterprise E3/E5 + EMS E3/E5 + Windows 10 Enterprise E3/E5 instead of purchasing all the components individually.
EMS E3 vs. EMS E5 Comparison
EMS E3 VS. EMS E5 Comparison Conclusion:
Some notable differences between the applications offered in E5 that are not found in E3 as highlighted by the tables are:
- Azure Active Directory Identity Protection– This tool automates the detection and remediation of identity-based risks, investigates risks using data in the portal, and exports risk detection data to third-party utilities for further analysis.
- Privileged Identity Management – This tool helps discover, restrict, and monitor administrators and their access to resources as well as provide users just-in-time access when needed.
- Microsoft Cloud App Security – This tool allows you to discover and control the use of Shadow IT, protect your information anywhere on the cloud, protect against cyberthreats and anomalies and assess the compliance of your cloud apps.
- Azure Advanced Threat Protection – This tool monitors users behaviour and activities, protects user identities and reduces the attack surface, identifies and investigates suspicious user activities and advanced attacks.
- Azure Information Protection P2– This tool includes intelligent data classification and labeling, has capabilities like controling oversharing of information when using Outlook, and much more.
- Risk-based conditional access– This is a feature in Azure Active Directory that automatically repsonds to risky behaviours. It can automatically block a sign-in attempt or require a password change or Multi-Factor Authentication as a precaution.
If you believe that any of the above is necessary and essential for your organization, you may need to consider subscribing to EMS E5 instead of EMS E3.
Posted by: Noorez Khamis & Linda Chen