We'll Modernize Your IT Security and Management with Microsoft 365
No more legacy IT security based on Windows Sever AD consisting of usernames that are easy to guess, passwords that never change and no multi-factor authentication
Simplify into an integrated cloud-based IT security and management platform and get rid of your mishmash of 3rd party IT security services.
If Microsoft 365 security is good enough for Microsoft, a near $3T company with 200,000 global employees, I'm sure it is good enough for you and me.
Watch the video below on how we integrate all the most advanced features of the Microsoft 365 security suite.
You're an IT manager considering endpoint detection and response services like SentinelOne, Crowdstrike, CarbonBlack, Blackberry Cylance, and Huntress because of industry buzz, Google searches, your parent company, or your insurance company have told you that you need an endpoint detection and response, or “EDR” solution, for modern secure endpoint protection.
You're vaguely aware that Microsoft has an EDR service called Microsoft Defender for Endpoint. Now, Microsoft Defender for Endpoint has two versions: Plan 1 and Plan 2. Microsoft Defender for Endpoint Plan 2 is Microsoft’s top EDR service, built for large enterprise companies with up to 100,000+ users.
But you're probably not aware that Microsoft has another EDR offering very similar to Microsoft Defender for Endpoint Plan 2, for businesses with up to 300 users, and that is Microsoft Defender for Business.
And here's what’s crazy: from talking to around 300 new prospective clients every year, you're using either Microsoft 365 Business Standard, Office 365 E3, or Microsoft 365 E3 for Exchange Online email and getting your users the subscription version of the Office desktop apps. And that’s as far as you have gone with your Microsoft 365 integration. You know you are completely underutilizing your Microsoft 365 licenses.
You're not aware that you’re one Microsoft 365 license adjustment away from having the security capabilities of Microsoft’s top EDR system, Microsoft Defender for Business, which is Microsoft’s AI and machine learning, cloud-connected endpoint detection and response system, integrated into Microsoft 365 and Azure Active Directory. It’s a direct, peer competitor to all those other EDR services I mentioned earlier and others like FireEye, Palo Alto Cortex, Sophos Intercept, FortiEDR.
Do you think that Microsoft, with 200,000+ employees across the world, uses SentinelOne or Crowdstrike? Of course, they don’t. Do you think Microsoft, whose IT security systems you as an IT manager manage DAILY, such as Windows Server AD and Azure AD, is firmly in the business of modern IT security systems? Of course, they are.
Microsoft protects their 200,000+ endpoints with Microsoft Defender for Endpoint Plan 2.
Take a look at this feature list between Microsoft Defender for Endpoint Plan 2 and Microsoft Defender for Business. They are nearly identical, and Microsoft Defender for Business is half the cost of Microsoft Defender for Endpoint Plan 2.
And here is what most of you don’t know…
While you can buy Microsoft Defender for Business by itself, Microsoft Defender for Business comes included with Microsoft 365 Business Premium, which then allows us to integrate additional security services that are also included with Microsoft 365 Business Premium, such as Microsoft Defender for Office 365 Plan 1 for link scanning and file detonation, Microsoft Intune for device health compliance confirmation, and Azure Active Directory Premium Plan 1 for conditional access. When we integrate these security services together, we upgrade our IT security further from Endpoint Detection and Response, or EDR, to Extended Detection and Response, or XDR, where we have multiple layers of security services, working in Microsoft 365 Business Premium as a single system, ensuring we have healthy secure endpoint devices connecting to your IT, uncompromised valid user identities connecting from those healthy devices, and clean secured company data, easily and quickly accessible, encrypted in the Microsoft cloud, encrypted on the devices that access them, encrypted in transit, and firmly in our control.
Our clients that have Microsoft 365 Business Premium, which is most of our 200+ clients, already have Microsoft Defender for Business deployed and protecting them as a full XDR solution.
And for the cost and prices, it goes like this—and please note, Microsoft 365 licensing and pricing is complex, and I’m going to be using simple round number list prices here to give you a ballpark idea of the cost.
If you just want to implement an EDR solution as an add-on to your existing Microsoft 365 Business Standard, Microsoft 365 E3, or Office 365 E3 or E5 license, you can add Microsoft Defender for Business for $36/user/year, which is the equivalent of $3/user/month.
But why would you stop there when you are so close to doing this the right way? And I’m talking about a full XDR solution.
If you want full XDR, top-of-the-line modern IT security and stability for your company—the type of security Microsoft themselves use in their 180,000 global company, and you yourself don’t need more than 300 licenses, you should just upgrade to Microsoft 365 Business Premium:
Upgrading from Microsoft 365 Business Standard to Microsoft 365 Business Premium is a cost increase of about $11/user/month and gives us WAY more than modern XDR. For that additional $11/user/month, you get a complete cloud IT infrastructure for your emails, files, phones, apps, security, and
management, and I’ll come back to that shortly.
Upgrading from Office 365 E3 is a cost DECREASE of $1/user/month.
Upgrading from Microsoft 365 E3 is a cost DECREASE of about $17/user/month.
If you have Microsoft 365 E5, just stay where you are. You have the best, most modern, most secure IT system that Microsoft makes and includes EVERYTHING you can get in Microsoft 365—you have all the goodies, all the IT toys. I salute the fact you didn’t cheap out on your IT, which I see IT managers do all the time because they don’t know what they don’t know.
The problem with Microsoft 365 E5, as I see it when I run into you guys, is that you bought that subscription knowing it is the best and most expensive one Microsoft makes, at $68/user/month on a monthly license. However, you aren't leveraging all the sophisticated XDR security technology you own. You haven't confidently deployed Intune, if at all, and you haven't Azure AD enrolled your company computers. Your conditional access policies are super basic, if they exist at all. You haven't configured insider threat management – a VERY powerful service not included in Microsoft 365 Business Premium. You don't have Microsoft Defender for Identity configured, nor do you have the basic features of Microsoft Purview compliance set up. The list goes on and on. I'm sure you bought it thinking you'd get around to integrating all this technology because you're smart and learn things fast. However, the reality is that being an internal IT manager means you're never going to get the training and experience needed for deploying these systems repeatedly to gain the confidence for these integrations. You surely can't afford the career risk of making your first deployment the only network you work on – the one network you must keep stable and secure to justify your high salary requirements and cushy white-collar job. That's where a company like Xerillion comes in, a company that ONLY designs, integrates, and supports Microsoft 365 and Azure cloud systems. We can take you somewhere, but before we get into that, let me show you this:
If you move to Microsoft 365 Business Premium, in addition to getting a full XDR security capability, it includes:
1. Entra ID P1 (formerly Azure AD P1) ($7/user/month add-on)
- I see many of you with this license, added on to a Microsoft 365 Business Standard, Business Basic, or Office 365 E3 license, again for around $7/user/month, but you aren't doing anything with it. I think most of you think you need it for MFA, which you don't. Or that you'll use it for conditional access or single-sign-on, maybe, but those things are never configured. It's always sitting there, wasting the company's money and looking good because it says “premium,” but again, you aren't using the premium features.
- MFA with conditional access rules to Microsoft 365 cloud services.
- Passwordless login with MFA to your Windows computers.
- Provides MFA authentication for Microsoft 365 cloud services.
- Windows Hello for Business.
- You don't need Cisco Duo.
- Self-service password reset.
- Computer profile settings will roam with you.
- Enterprise State Roaming with OneDrive.
- Computers will be encrypted for lost or stolen computer protection.
- Windows Bitlocker recovery key automatically saved.
- Single-sign-on for 3rd party web apps.
- Secure account/password sharing for 3rd party web apps.
2. Microsoft Intune ($9/user/month)
- Computer management.
- Mobile device management.
- Device compliance.
- App management.
- Data control on devices.
- Imageless cloud-connected computer setups.
- Microsoft Autopilot.
- IT doesn't have to receive the computer.
- Just add the device's hardware hash to Intune for that user.
- User connects to the Internet.
- Autopilot sets up the computer for the user.
- The user doesn't have to be a local administrator.
3. Microsoft Defender for Office 365 Plan 1 ($2/user/month)
- You guys usually have a 3rd party service for this, like Barracuda, Mimecast, Proofpoint.
- Email link protection.
- Files detonation testing for files that come through in emails, or are uploaded to Teams, OneDrive, and SharePoint.
- Zero-day threat protection for the data inside your system.
4. Microsoft Defender for Business EDR ($3/user/month)
- Endpoint Detection and Response.
- URL and network connection filtering.
- Microsoft Defender Network Protection.
- Filtering any connections made by your computer to the Internet.
- Applicable wherever that computer goes.
- Web Content Filtering.
- Block web content by categories like porn and gambling.
5. Microsoft Teams Audio Conferencing ($2/user/month)
- Often used in place of Zoom, Ring Central, Webex, GoToMeeting.
- People can dial into your Teams meetings.
6. Microsoft Purview Information Protection
- Digital security group labels for files and email.
7. 1.5TB Email Archiving Folder
- People often use Barracuda or Mimecast for this purpose.
8. Universal Print (a cloud print server) ($5/user/month)
9. Litigation Hold and E-Discovery ($7/user/month)
So, I've just gone over useful, practical Microsoft 365 services—none of this is fluff. If you purchased them as add-ons or third-party services, it would be around $35/user/month.
- If you upgrade from Microsoft 365 Business Standard, you get $35/user/month of tech for $11/user/month, and that includes an XDR security system, which we started this video with.
- If you upgrade from Office 365 E3, you get $35/user/month of tech for a cost savings of $1/user/month.
- If you upgrade from Microsoft 365 E3, you get $35/user/month of tech for a cost savings of $17/user/month.
And if you currently have a long list of separate third-party services and vendors like I mentioned in this video, you'll no longer have all these vendors, services, and contracts to manage. This means the thousands of dollars a year the company spends on IT personnel to manage these things will now be used for higher value, more interesting work within the company.
And there are other important soft-number company measurements:
- Revenue increases from higher employee productivity due to a smoother, more secure IT system.
- Incremental reduction in IT overhead and management expenses since cloud systems are highly scalable and require less management.
- Reduction in IT overhead expense and inefficiencies from reduced IT personnel churn, created by a lower-stress, more interesting IT work environment.
So far, we’ve talked about the monthly costs. These systems need to be integrated, and there are one-time project costs to properly integrate all the Microsoft 365 security and management services. This typically ranges from $10,000 to $20,000, again, one-time. But, if you have the budget for it, the good news is it isn’t a project you do every five years; once it’s done, it's done. After the integration is done, it’s just an ongoing monthly process of monitoring, remediation, and tweaking, like any other IT system, and that does require internal or external managed services processes. But there's no hardware to refresh, no software to upgrade.
A properly designed, implemented, and supported Microsoft 365 Business Premium or Microsoft 365 E5 system is the smoothest, most enjoyable IT system to manage and operate.
You’ll have everything you need with Microsoft 365 Business Premium, which is what I HIGHLY recommend, as it is Microsoft’s best value for the money. You can get up to 300 licenses before you have to start purchasing enterprise licenses like Microsoft 365 E5.
If you are interested in talking about implementing Microsoft 365 properly and holistically, reach out to us at support@xerillion.com, or call 847-995-9800, or fill out our website contact form at Xerillion.com.
Wayne Chapin
President
Xerillion
847-995-9800