Microsoft Security Pathways: A Partner's Guide to Higher-Value Upsells

For Microsoft Partners providing managed services, we're witnessing a perfect convergence of market forces creating unprecedented demand for enhanced security offerings. The rapid adoption of AI tools like Microsoft Copilot, combined with impending regulatory changes to Australia's Privacy Act, has fundamentally altered the security landscape for businesses of all sizes.

In my discussions with partners across Australia, security capabilities have become a key differentiator between successful practices and those struggling to keep customers. The partners experiencing the most growth have realised that security is no longer an optional add-on, but a foundation of their practice.

This article examines how Microsoft's often-overlooked mini bundles and add-on licenses create practical upsell pathways for partners. These pathways not only increase your average revenue per user but also position you as an essential advisor when your customers need expertise most.

In this article:

• The Changing Security Landscape for Australian SMBs
• Microsoft's Mini Bundles and Add-On Options
• Six Common Security Upsell Pathways
  • M365 Business Standard to M365 Business Premium
  • M365 Business Premium + Information Protection and Governance
  • M365 Business Premium + Advanced Identity Protection
  • M365 E3 + Security or Compliance Mini Bundle
  • M365 E3 to M365 E5
  • M365 Business Premium + M365 E5 Mini Bundle
• Securing SaaS Applications with Defender for Cloud Apps
• Taking the Next Steps with Your Customers
• Conclusion: The Time to Act is Now

The Changing Security Landscape for Australian SMBs

The potential removal of the small business exemption from Australia's Privacy Act means that even small businesses may soon need to comply with stringent data privacy regulations. This legislative shift will significantly impact how businesses handle personal data, emphasising the need for robust security and identity management solutions.

With over 2.5 million businesses in Australia employing fewer than 200 people, most rely heavily on IT service providers for traditional managed services and cybersecurity capabilities. The APAC region's significant contribution to the global security skills shortage makes it nearly impossible for these organisations to internally recruit the necessary cyber-skilled resources.

Our economy now fundamentally depends on Managed Service Providers (MSPs) to deliver the services required to meet regulatory requirements. This includes understanding the legislation, implementing the necessary controls and assessing business impact. The Australian government will need to consider the time and investment required for MSPs to upskill their staff, develop services and deploy them to customers.

Simultaneously, as organisations increasingly use Microsoft Copilot and other AI tools, data security has become central to our discussions with Microsoft Partners. It's crucial to ensure that access to sensitive information is restricted to authorised users while remaining available to AI tools to maximise their effectiveness.

This creates a unique opportunity for customers to invest in AI adoption - reaping significant benefits in productivity, efficiency, creativity and collaboration - while simultaneously enhancing their security posture to mitigate risks and prepare for forthcoming Privacy Act changes.

Microsoft's Mini Bundles and Add-On Options

Often forgotten in the broad portfolio of Microsoft licenses are the mini bundles and standalone solutions that can be added to any tenant or existing underlying licenses. For example, we're seeing Entra ID Plan 2 added to customers' tenants to enhance their identity security posture and enable capabilities that MSPs can monetise.

Entra ID Plan 2 capabilities including Token Protection, User Risk and Sign-in Risk coupled with ID Governance are allowing Microsoft partners to upsell to customers, increase margins and significantly de-risk both their customers and their own MSP businesses.

Mini Compliance Bundles

Additionally, three mini compliance bundles can now be added to M365 Business Premium. These three bundles provide capability directly related to the requirements associated with both adoption of AI and The Australian Privacy Act regulations.

The Partner Opportunity

Upselling mini bundles will unlock new professional services and managed services revenue streams, including highly consultative deployment and ongoing management of data loss prevention, encryption and ransomware mitigation services.

To help you get started, we've also got your upsell propensity data ready to be leveraged by your sales teams so that they can have targeted conversations with the most profitable prospect customers.

What's included in the mini bundles?

The three compliance mini bundles below offer comprehensive capability that collectively include all of the Microsoft E5 Compliance Add-On features, which are exclusively available as an add-on to users with M365 E3 or O365 E3 + EMS E3 licenses. You also get the full Defender for Cloud Apps capability in the Information Protection and Governance Add-On, an essential and extremely powerful Cloud Access Security Broker. I often say it's the dark horse in the Microsoft Security portfolio, both in capability and customer value. After all, how many customers are using SaaS and web apps today?

• E5 Information Protection and Governance

• E5 Insider Risk

• E5 eDiscovery and Audit

This live Office document provides a detailed feature matrix covering all Microsoft Compliance licenses.

Six Common Security Upsell Pathways

This leads us to the specific upsell pathways for customers. Our extensive work with ANZ partners has identified common combinations that deliver significant value and represent straightforward upgrade opportunities.

Each pathway addresses specific security, and compliance needs while creating new partner revenue streams.

1. M365 Business Standard to M365 Business Premium

2. M365 Business Premium + Information Protection and Governance

3. M365 Business Premium + Advanced Identity Protection

4. M365 E3 + Security or Compliance Mini Bundle

5. M365 E3 to M365 E5

6. M365 Business Premium + M365 E5 Mini Bundle

1. M365 Business Standard to M365 Business Premium

Let's start by covering a very common upgrade path from M365 Business Standard to M365 Business Premium. In Australia, over 750,000 people use an M365 Business Standard license. I speak to partners that complement this license with security solutions, including email, identity and endpoint security. I also speak to partners that add limited or no security to Business Standard, exposing customers to significant, basic and highly prevalent threats.

In my nearly 5 years as a Microsoft technology subject matter expert, I've also yet to find a scenario where M365 Business Premium doesn't offer better protection or more profit for a managed services provider when compared to Business Standard coupled with numerous third-party vendor solutions that offer relative feature parity. Likewise, it's evident that consolidating security vendors and solutions reduces integration complexity and operational overheads, and complexity increases risk, creates blind spots, reduces visibility and leads to an increased likelihood of human error.

Here are some key reasons to consider upgrading from M365 Business Standard to Business Premium:

1. Advanced Security Features: Business Premium includes advanced security capabilities such as Microsoft Defender for Office 365, which protects against sophisticated threats like phishing and ransomware. This is crucial for safeguarding sensitive business data.

2. Enhanced Device Management: With Business Premium, you can access Microsoft Intune, which allows for comprehensive device management. This means you can enforce security policies across all devices, ensuring that both company-owned and personal devices used for work are secure.

3. Identity and Access Management: Business Premium includes Microsoft Entra ID (formerly Azure Active Directory) Premium P1, which offers advanced identity and access management features. This helps in managing user identities and controlling access to resources more effectively¹.

4. Information Protection: The plan includes Microsoft Purview Information Protection, which helps you discover, classify and protect sensitive information across your organisation¹. This is essential for compliance with data protection regulations.

5. Comprehensive Compliance Solutions: Business Premium provides tools to help you meet compliance requirements, including advanced auditing and reporting capabilities¹. This is particularly important if your business operates in a regulated industry.

6. Productivity and Collaboration Tools: While both plans offer core productivity tools like Word, Excel and Teams, Business Premium includes additional features such as advanced threat analytics and more robust collaboration tools.

Upgrading to Microsoft 365 Business Premium can significantly enhance your business's security posture, ensure compliance with regulatory requirements and provide a more secure and productive environment for your employees.

2. M365 Business Premium + Information Protection and Governance

The value of E5 Information Protection and Governance Add-On

The Microsoft 365 E5 Information Protection and Governance features provide organisations with robust tools to safeguard sensitive data and manage information effectively. The value of this offering includes:

1. Data Classification and Labelling: Automatic and manual data classification helps organisations identify and protect sensitive information based on its sensitivity level, including data traversing the internet to SaaS and Web Apps (using Defender for Cloud Apps).

2. Information Protection: Advanced encryption and rights management ensure that sensitive data is protected both at rest and in transit, preventing unauthorised access regardless of where the data is stored.

3. Data Loss Prevention (DLP): Policies that monitor and protect against accidental sharing of sensitive information, helping to reduce the risk of data breaches.

4. Retention and Disposal Policies: Tools to define how long data should be retained and when it should be deleted, ensuring compliance with legal and regulatory requirements.

5. eDiscovery and Legal Hold: Simplified processes for searching, preserving and exporting data for legal investigations and audits.

6. Compliance with Regulations: Helps organisations adhere to various compliance frameworks by providing the necessary tools for managing and protecting data.

7. Centralised Management: A unified interface for managing information governance policies across Microsoft 365 services, streamlining administration and oversight.

Overall, the M365 E5 Information Protection and Governance capabilities empower organisations to protect sensitive data, ensure compliance and manage the information lifecycle effectively, enhancing overall data security and governance.

3. M365 Business Premium + Advanced Identity Protection

For managed IT services, considering Microsoft Entra ID Premium Plan 2 (formerly Azure Active Directory Premium P2) offers numerous advantages:

1. Firstly, Entra ID Plan 2 is a stand-alone solution, meaning it can be added to any existing Entra ID user; there are no qualifying licenses!

2. We now see Microsoft Partners adding Entra ID Plan 2 to M365 Business Premium customers to uplift identity security and to align with zero trust principles and the Essential 8 framework.

3. Advanced Security Features: Entra ID Premium P2 provides advanced security capabilities, including real-time risk monitoring and in-depth protection against identity threats. This is crucial for ensuring compliance with privacy regulations and protecting sensitive data.

4. Conditional Access: It includes risk-based conditional access, which helps manage and control access to resources based on user risk levels³. This ensures that only authorised users can access sensitive information, reducing the risk of data breaches.

5. Identity Protection: The plan offers comprehensive identity protection features, such as real-time dynamic user and sign-in risk assessments³. These help identify and mitigate potential security threats promptly.

6. Privileged Identity Management (PIM): PIM capabilities allow for better management of privileged accounts, ensuring that administrative access is granted only when necessary and monitored closely.

7. Compliance and Reporting: Entra ID Premium P2 includes advanced security and usage reports, essential for demonstrating compliance with privacy regulations and auditing purposes.

8. Scalability and Integration: The plan integrates seamlessly with other Microsoft services and can scale according to the business's needs, making it a flexible solution for growing businesses⁵.

By adopting Microsoft Entra ID Premium Plan 2, managed IT services can enhance their security posture, ensure compliance with evolving privacy regulations and provide robust identity management solutions to their clients.

4. M365 E3 + Security or Compliance Mini Bundle

Microsoft 365 E5 Add-Ons

Users with either an M365 E3 or both Office 365 E3 and EMS E3 are eligible for either of the two E5 Add-On bundles: the E5 Security Add-On or the E5 Compliance Add-On.

The E5 Security Add-On includes the following solutions.

• Entra ID Plan 2

• Defender for Endpoint Plan 2

• Defender for Office 365 Plan 2

• Defender for Cloud Apps

• Defender for Identity

• Defender XDR via Sentinel

The E5 Compliance Add-On includes the following solutions.

• Advanced eDiscovery and Audit

• Insider Risk Management

• Information Protection and Governance

The value of the E5 Security Add-On

The M365 E5 Security Add-On enhances Microsoft 365 with advanced security features to protect organisations from evolving threats. Its value includes:

1. Advanced Threat Protection: Tools like Microsoft Defender for Office 365 and Microsoft Defender for Endpoint help safeguard against malware, phishing and other attacks.

2. Information Protection: Features like Azure Information Protection ensure sensitive data is classified and protected.

3. Identity and Access Management: Azure Active Directory Premium P2 provides advanced identity protection, including conditional access and identity protection policies.

4. Compliance and Data Governance: Advanced compliance solutions help organisations meet regulatory requirements and manage data governance effectively.

5. Security Management: Centralised security management through Microsoft 365 Security Center allows streamlined security operations.

6. Risk Management: Advanced capabilities for threat detection and response help organisations mitigate risks proactively.

Overall, the M365 E5 Security Add-On provides comprehensive security, compliance and management tools, making it valuable for organisations looking to strengthen their cybersecurity posture.

The value of the E5 Compliance Add-On

The M365 E5 Compliance Add-On offers a range of advanced features designed to help organisations manage compliance and protect sensitive information. Its value includes:

1. Advanced Compliance Solutions: Tools for managing compliance across various regulations, such as GDPR, HIPAA and others, ensuring organisations can meet legal requirements.

2. Information Governance: Features like data loss prevention (DLP), retention policies, and information archiving help manage and protect critical data throughout its lifecycle.

3. Insider Risk Management: Tools to detect, investigate and respond to potential insider threats, enhancing overall security.

4. Communication Compliance: Monitoring and managing communications within the organisation to ensure compliance with policies and regulations.

5. eDiscovery and Legal Hold: Advanced eDiscovery capabilities allow organisations to efficiently search, hold and export data for legal investigations.

6. Compliance Score: A dashboard that provides a compliance score, helping organisations assess their compliance posture and identify areas for improvement.

Overall, the M365 E5 Compliance Add-On equips organisations with the necessary tools to maintain compliance, manage risk and protect sensitive data, making it a valuable addition for organisations navigating complex regulatory landscapes.

5. M365 E3 to M365 E5

Moving from Microsoft 365 E3 to the complete Microsoft 365 E5 suite represents the most comprehensive security and compliance upgrade path. Instead of adding individual components, this provides the full range of premium capabilities in one integrated package.

The value of E5 Insider Risk Add-On

Microsoft 365 E5 Insider Risk Management is designed to help organisations identify, investigate, and mitigate insider threats. The value it provides includes:

1. Proactive Monitoring: It uses machine learning and analytics to detect unusual behaviours that may indicate insider threats.

2. Policy Enforcement: Organisations can set up custom policies to manage risks based on their needs.

3. Automated Alerts: It generates alerts for potentially risky activities, allowing security teams to respond quickly.

4. Investigation Tools: It offers tools to investigate incidents, including detailed audit logs and user activity reports.

5. Compliance Support: Helps organisations meet regulatory compliance requirements by tracking and managing insider threats effectively.

6. Integration with Other Microsoft Services: Seamlessly integrates with other Microsoft 365 security solutions for comprehensive threat management.

The overall value lies in enhancing security posture, protecting sensitive data and ensuring compliance while minimising the risks posed by insider threats.

The value of E5 eDiscovery and Audit Add-On

Microsoft 365 E5 eDiscovery and Audit provide significant value for organisations by enhancing their ability to manage legal and compliance requirements effectively. Key benefits include:

1. Comprehensive eDiscovery: Facilitates the identification, preservation and collection of data for legal investigations and compliance purposes, helping organisations respond to legal requests quickly.

2. Advanced Search Capabilities: Allows users to conduct complex searches across a wide range of Microsoft 365 services (like Exchange, SharePoint and Teams), ensuring relevant data can be easily located.

3. Legal Hold: Enables organisations to place holds on specific content to prevent it from being altered or deleted, ensuring data integrity during legal proceedings.

4. Audit Logs: Provides detailed logs of user and admin activities across Microsoft 365 services, allowing organisations to track changes and access patterns for compliance and security monitoring.

5. Integration with Compliance Tools: Works seamlessly with other Microsoft compliance solutions, allowing for a unified approach to risk management and data protection.

6. Streamlined Workflow: Simplifies the eDiscovery process through automated workflows, making it easier for legal and compliance teams to manage tasks.

Overall, Microsoft 365 E5 eDiscovery and Audit enhance an organisation's ability to manage data responsibly, respond to legal inquiries efficiently and maintain compliance with regulatory requirements.

6. M365 Business Premium + M365 E5 Mini Bundle

Microsoft has responded to partner feedback about the significant price gap between M365 Business Premium and full E5 by creating a bridging solution that makes it easier for partners to upsell while offering customers enhanced protection. This mini bundle creates an excellent opportunity for partners to drive an upsell motion for their Business Premium customers.

Moving from M365 Business Premium to the M365 E5 Security Mini Bundle enables organisations to enhance their security with extended threat detection and response (XDR), advanced threat analytics and proactive defence against evolving cyber threats.

For businesses requiring more robust protection, this upgrade unlocks advanced tools driven by AI and automation, including:

• Defender for Office 365 Plan 2:Protects against sophisticated phishing, business email compromise and malware in emails and attachments. For example, it can detect a phishing attempt impersonating a trusted brand and block it before it reaches an inbox.

• Defender for Identity:Monitors identity systems for suspicious activities, such as brute-force attacks or unusual login behaviour.

• Defender for Endpoint Plan 2:Enhances endpoint security with threat hunting, advanced analytics and automated remediation. For example, if a device is compromised, it isolates the threat and repairs the system.

• Microsoft Entra ID P2:Offers additional capabilities, such as risk-based conditional access, which adapts login requirements based on user behaviour and location.

• Defender for Cloud Apps:Monitors cloud app usage, detects shadow IT and protects against unauthorised access to cloud data.

This approach helps businesses address complex security threats while enabling partners to deliver valuable services that bridge the gap between basic and enterprise-level security.

Securing SaaS Applications with Defender for Cloud Apps

Another market-leading Microsoft solution often overlooked is Defender for Cloud Apps, a Cloud Access Security Broker (CASB). Those of you who have attended some of our Voyager Program sessions will probably have heard me express my admiration for this solution. It's one of my favourites due to its versatility, capability and relevance in today's global cybersecurity landscape.

Defender for Cloud Apps has an impressive SaaS Application Catalogue containing more than 31,000 applications, each with comprehensive security information and a risk score associated with industry regulations and zero-trust principles. Using the catalogue, customers can monitor, govern and restrict access to SaaS apps and restrict what data can or cannot be accessed by managed SaaS applications. They can also label and encrypt data on the fly to ensure data isn't leaked or exfiltrated due to human error or a breach.

Additionally, the App Catalogue includes an AI category, allowing businesses to monitor, govern and restrict the use of AI tools, including those from mobile devices and 3^rd party platforms. Customers can use Defender for Cloud Apps to prevent sensitive information from being used by AI tools that could make that data publicly accessible.

Taking the Next Steps with your Customers

Despite the clear benefits of Microsoft's security solutions, many partners are unsure how to start the conversation with their customers. Here are some practical steps to help you begin:

1. Assess Current Security Posture: Use Dicker Data's assessment tools to evaluate your customers' security setup and identify gaps.

2. Small Steps: Start with the most critical security needs and expand. The easiest first step is often the upgrade from Business Standard to Business Premium.

3. Demonstrate Clear ROI: Show customers how their investment in security protects them, improves productivity and reduces operational costs in the long run.

4. Leverage our Resources: Dicker Data provides partners with ready-to-use security marketing materials, technical guides and sales tools to support your conversations.

5. Book a Strategy Session: Our team can help you develop a custom security practice growth plan tailored to your unique customer base and business model.

Your Security Practice Growth Opportunity

The convergence of AI adoption and regulatory changes has created a significant opportunity for Microsoft Partners to expand their security offerings. Microsoft's mini bundles and strategic upsell pathways provide practical ways to increase revenue while delivering essential customer protection.

Today's successful partners recognise security as a core differentiator in their overall service offering. Dicker Data is ready to support your security practice development with specialised resources, expertise and guidance.

To explore how we can help you build a more profitable security practice, visit our dedicated page or contact your Dicker Data Partner Development Manager today.