Introducing new security and compliance add-ons for Microsoft 365 Business Premium
Small and medium businesses (SMBs) are under pressure like never before. Cyber threats are evolving rapidly, and regulatory requirements are becoming increasingly complex. Microsoft 365 Business Premium is our productivity and security solution designed for SMBs (1–300 users). It includes Office apps, Teams, advanced security such as Microsoft Defender for Business, and device management — all in one cost-effective package. Today, we’re taking that a step further. We’re excited to announce three new Microsoft 365 Business Premium add-ons designed to supercharge security and compliance. Tailored for medium-sized organizations, these add-ons bring enterprise-grade security, compliance, and identity protection to the Business Premium experience without the enterprise price tag. Microsoft Defender Suite for Business Premium: $10/user/month Cyberattacks are becoming more complex. Attackers are getting smarter. Microsoft Defender Suite provides end-to-end security to safeguard your businesses from identity attacks, device threats, email phishing, and risky cloud apps. It enables SMBs to reduce risks, respond faster, and maintain a strong security posture without adding complexity. It includes: Protect your business from identity threats: Microsoft Entra ID P2 offers advanced security and governance features including Microsoft Entra ID Protection and Microsoft Entra ID Governance. Microsoft Entra ID protection offers risk-based conditional access that helps block identity attacks in real time using behavioral analytics and signals from both user risk and sign-in risk. It also enables SMBs to detect, investigate, and remediate potential identity-based risks using sophisticated machine learning and anomaly detection capabilities. With detailed reports and alerts, your business is notified of suspicious user activities and sign-in attempts, including scenarios like a password-spray where attackers try to gain unauthorized access to company employee accounts by trying a small number of commonly used passwords across many different accounts. ID Governance capabilities are also included to help automate workflows and processes that give users access to resources. For example, IT admins historically manage the onboarding process manually and generate repetitive user access requests for Managers to review which is time consuming and inefficient. With ID Governance capabilities, pre-configured workflows facilitate the automation of employee onboarding, user access, and lifecycle management throughout their employment, streamlining the process and reducing onboarding time. Microsoft Defender for Identity includes dedicated sensors and connectors for common identity elements that offer visibility into your unique identity landscape and provide detailed posture recommendations, robust detections and response actions. These powerful detections are then automatically enriched and correlated with data from other domains across Defender XDR for true incident-level visibility. Keep your devices safe: Microsoft Defender for Endpoint Plan 2 offers industry-leading antimalware, cyberattack surface reduction, device-based conditional access, comprehensive endpoint detection and response (EDR), advanced hunting with support for custom detections, and attack surface reduction capabilities powered by Secure Score. Secure email and collaboration: With Microsoft Defender for Office 365 P2, you gain access to cyber-attack simulation training, which provides SMBs with a safe and controlled environment to simulate real-world cyber-attacks, helping to train employees in recognizing phishing attempts. Additionally automated response capabilities and post-breach investigations help reduce the time and resources required to identify and remediate potential security breaches. Detailed reports are also available that capture information on employees’ URL clicks, internal and external email distribution, and more. Protect your cloud apps: Microsoft Defender for Cloud Apps is a comprehensive, AI-powered software-as-a-service (SaaS) security solution that enables IT teams to identify and manage shadow IT and ensure that only approved applications are used. It protects against sophisticated SaaS-based attacks, OAuth attacks, and risky interactions with generative AI apps by combining SaaS app discovery, security posture management, app-to-app protection, and integrated threat protection. IT teams can gain full visibility into their SaaS app landscape, understand the risks and set up controls to manage the apps. SaaS security posture management quickly identifies app misconfigurations and provides remediation actions to reduce the attack surface. Microsoft Purview Suite for Business Premium: $10/user/month Protect against insider threats Microsoft Purview Insider Risk Management uses behavioral analytics to detect risky activities, like an employee downloading large volumes of files before leaving the company. Privacy is built in, so you can act early without breaking employee trust. Protect sensitive data wherever it goes Microsoft Purview Information Protection classifies and labels sensitive data, so the right protections follow the data wherever it goes. Think of it as a ‘security tag’ that stays attached to a document whether it’s stored in OneDrive, shared in Teams, or emailed outside the company. Policies can be set based on the ‘tag’ to prevent data oversharing, ensuring sensitive files are only accessible to the right people. Microsoft Purview Data Loss Prevention (DLP) works in the background to stop sensitive information, like credit card numbers or health data, from being accidentally shared with unauthorized people Microsoft Purview Message Encryption adds another layer by making sure email content stays private, even when sent outside the organization. Microsoft Purview Customer Key gives organizations control of their own encryption keys, helping meet strict regulatory requirements. Ensure data privacy and compliant communications Microsoft Purview Communication Compliance monitors and flags inappropriate or risky communications to protect against policy and compliance violations. Protect AI interactions Microsoft Purview Data Security Posture Management (DSPM) for AI provides visibility into how AI interacts with sensitive data, helping detect oversharing, risky prompts, and unethical behavior. Monitors Copilot and third-party AI usage with real-time alerts, policy enforcement, and risk scoring. Manage information through its lifecycle Microsoft Purview Records and Data Lifecycle Management helps businesses meet compliance obligations by applying policies that enable automatic retention or deletion of data. Stay investigation-ready Microsoft Purview eDiscovery (Premium) makes it easier to respond to internal investigations, legal holds, or compliance reviews. Instead of juggling multiple systems, you can search, place holds, and export information in one place — ensuring legal and compliance teams work efficiently. Microsoft Purview Audit (Premium) provides deeper audit logs and analytics to trace activity like file access, email reads, or user actions. This level of detail is critical for incident response and forensic investigations, helping SMBs maintain regulatory readiness and customer trust. Simplify Compliance Management Microsoft Purview Compliance Manager helps track regulatory requirements, assess risk, and manage improvement actions, all in one dashboard tailored for SMBs. Together, these capabilities help SMBs operate with the same level of compliance and data protection as large enterprises but simplified for smaller teams and tighter budgets. Microsoft Defender and Purview Suites for Business Premium: $15/user/month The new Microsoft Defender and Purview Suites unite the full capabilities of Microsoft Defender and Purview into a single, cost-effective package. This all-in-one solution delivers comprehensive security, compliance, and data protection, while helping SMB customers unlock up to 68% savings compared to buying the products separately, making it easier than ever to safeguard your organization without compromising on features or budget. FAQ Q: When will these new add-ons be available for purchase? A: They will be available for purchase as add-ons to Business Premium in September 2025. Q: How can I purchase? A: You can purchase these as add-ons to your Business Premium subscription through Microsoft Security for SMBs website or through your Partner. Q: Are there any seat limits for the add-on offers? A: Yes. Customers can purchase a mix of add-on offers, but the total number of seats across all add-ons is limited to 300 per customer. Q: Does Microsoft 365 Business Premium plus Microsoft Defender Suite allow mixed licensing for endpoint security solutions? A: Microsoft Defender for Business does not support mixed licensing so a tenant with Defender for Business (included in Microsoft 365 Business Premium) along with Defender for Endpoint Plan 2 (included in Microsoft 365 Security) will default to Defender for Business. For example, if you have 80 users licensed for Microsoft 365 Business Premium and you’ve added Microsoft Defender Suite for 30 of those users, the experience for all users will default to Defender for Business. If you would like to change that to the Defender for Endpoint Plan 2 experience, you should license all users for Defender for Endpoint Plan 2 (either through standalone or Microsoft Defender Suite) and then contact Microsoft Support to request the switch for your tenant. You can learn more here. Q: Can customers who purchased the E5 Security Suite as an add-on to Microsoft 365 Business Premium transition to the new Defender Suite starting from the October billing cycle? A: Yes. Customers currently using the Microsoft 365 E5 Security add-on with Microsoft 365 Business Premium are eligible to transition to the new Defender Suite beginning with the October billing cycle. For detailed guidance, please refer to the guidelines here. Q: As a Partner, how do I build Managed Detection and Response (MDR) services with MDB? A: For partners or customers looking to build their own security operations center (SOC) with MDR, Defender for Business supports the streaming of device events (device file, registry, network, logon events and more) to Azure Event Hub, Azure Storage, and Microsoft Sentinel to support advanced hunting and attack detection. If you are using the streaming API for the first time, you can find step-by-step instructions in the Microsoft 365 Streaming API Guide on configuring the Microsoft 365 Streaming API to stream events to your Azure Event Hubs or to your Azure Storage Account. To learn more about Microsoft Security solutions for SMBs you can visit our website.Leverage the updated M365 SMB Upsell Guide for Partners
Dear Partners, Please download and leverage the updated the M365 SMB Upsell Guide for Partners. It shows how to address the most common upsell scenarios and gives guidance on what to position in the conversation with the customer. We will keep posting the latest version of the guide here once it is updated.
Veeam B&R backup jobs failed to login to Qnap Nas after KB5011503 installed
Good Morning, Veeam backup & Replication CE 11 (last release) installed on Windows Server 2019 Hyper-V VM from about 1 month Veeam Backup jobs use as destination a shared folder on Qnap Nas. Windows 2019 VM Italian language standalone, Qnap Nas under domain. R&W user used for Qnap autentication it's local user for Qnap and Administrator for Win2019 VM. All go fine before KB5011503 update After this installation Veeam Backup job works only with guest user. No other user can autenticate to Qnap with SMB 1, 2, 3 Error message on Qnap is "Processing MACHINENAME Error: Nome utente o password non corretta --tr:Error code: 0x0000052e Failed to process [isFileExists]. --tr:Client failed to process the command. Command: [isFileExists]. --tr:event:3:" Trying to uninstal KB5011503 update, after reboot all veeam Backup Job returns to work. Updating KB5011503 again all Job stop to work. Could be this a bug? Where I can report this to microsoft? Thanks PaoloWindows Server Summit 2024 – Powered by Engineering
The significantly EXPANDED Windows Server Summit 2024, with content now powered by Microsoft Engineering teams has been announced. Join us on March 26th to March 28th to discover the latest updates on Windows Server 2025, on-prem and Hybrid scenarios, Azure Arc, Identity, Virtualization, SMB updates and more! Interact with expert speakers and engineering teams through live Q&A and comments section. Register now and don't miss out on this multi-day, deep technical content focused, virtual event hosted on Microsoft Tech Community.Accidental Teams Free deletion email sent out - explanation and FAQs
Hi folks - My name is Sam Cosby and I help run the Customer Experience & Obsession side for Teams Free Organizations within the Teams Engineering Team at Microsoft. Thanks for feedback from some Teams Free users on the following thread, as this has helped convey a clear problem that we needed to address. The following post is to explain that particular problem in further detail, with some additional FAQs that should help us understand further for anyone who may have seen this. I'll follow up on this thread once the bug is fully resolved. I received an email stating my trial is ending for Microsoft Teams (Free), but I didn’t sign up for a trial, why did I receive this? Back in January of 2021, there was an implementation of a new method to help reduce the number of Teams Free organizations that go unused over a 90-day period of inactivity by deleting them. Only organizations that did not have any sign-ins during this period and/or the grace period after the 90 days (120 days in total), would eventually become deleted. Unfortunately, there was a bug that sent out notification emails to Teams Free Admins even if their organization was in use during the past 90 days. We’ve since fixed this bug and expect that we shouldn’t see any additional emails be sent out to organizations that have been recently used. Figure 1: Example of accidental email sent out. Will Teams Free still delete in the next few weeks? No, as long as Teams has been in use in the past 90 days. While there are articles out there that have shown Teams Free Admins how to view their license ‘duration’, it’s been confirmed that once the fix goes live that any Teams Free orgs impacted with the above email will be ‘extended’ automatically and won’t have to worry about any data loss. Why does Teams Free have a deleted state? There was a new organization deletion method created back in January of 2021 to help reduce organization clutter by implementing a new deletion policy on organizations that go unused over a 90-day period of inactivity by deleting them. Only Teams Free organizations that did not have any sign-ins during this period and during the 30-day grace period after the 90 days (120 days in total), would eventually become deleted. Will documentation be updated? Yes. We realized that while this new method to help reduce organization clutter was released, the documentation unfortunately did not get updated as expected. We’ll be making changes to this as soon as we can to address the new deletion policies for Teams Free orgs moving forward. What does deleted mean for Teams Free? When the subscription is deleted, customer data is deleted and Azure Active Directory is removed, if not in use by other services. Users can’t access Teams, files/apps/services in this state.New Microsoft Purview Deployment Blueprint | Lightweight guide to mitigate data leakage
We’re excited to share our latest Data Security deployment blueprint: “Lightweight guide to mitigate data leakage”—a practical resource designed to help organizations quickly enable core data security features across their Microsoft 365 estate with minimal setup. The blueprint follows a good / better / best model that maps protections to your licensing. “Good” highlights foundational features included in Business Premium SKUs, while “Better” and “Best” layer in advanced E5 Compliance capabilities, such as auto-labeling, Endpoint DLP, insider risk signals and much more. With the new E5 Compliance Add-On for Business Premium, this guide shows how organizations can capture quick wins today while building toward stronger, long-term security practices. This blueprint is designed for IT administrators, security teams, and compliance stakeholders tasked with protecting sensitive data – and it’s equally valuable for Microsoft partners and consultants supporting customers on their data security journey. Whether you’re enabling basic safeguards or advancing towards automated protection, this guide provides clear, actionable steps to strengthen your data security posture. Ready to get started? Visit our Purview deployment blueprint page or jump straight to the direct PPT link for a step-by-step walkthrough. Securing your data doesn’t have to be complex – this lightweight blueprint makes it achievable for organizations of any size.
