|
Enterprise Mobility + Security E3 |
Enterprise Mobility + Security E5 |
Components included |
- Azure Active Directory Premium P1
- Intune
- Azure Information Protection P1
- Advanced Threat Analytics
|
- Azure Active Directory Premium P2
- Intune
- Azure Information Protection P2
- Advanced Threat Analytics
- Cloud App Security
- Azure Advanced Threat Protection
|
Simplified access management and security
Centrally manage single sign-on across devices, your datacenter, and the cloud.
|
✓ |
✓ |
Multifactor authentication
Strengthen sign-in authentication with verification options, including phone calls, text messages, or mobile app notifications, and use security monitoring to identify inconsistencies.
|
✓ |
✓ |
Conditional access
Define policies that provide contextual controls at the user, location, device, and app levels to allow, block, or challenge user access.
|
✓ |
✓ |
Risk-based conditional access
Protect apps and critical data in real time using machine learning and the Microsoft Intelligent Security Graph to block access when risk is detected.
|
|
✓ |
Advanced security reporting
Monitor suspicious activity with reporting, auditing, and alerts, and mitigate potential security issues using focused recommendations.
|
✓ |
✓ |
Privileged identity management
Provide timely, on-demand administrative access to online services with access-related reporting and alerts.
|
|
✓ |
Windows Server Client Access License (CAL)*
Provide each user access to server functions from multiple devices for a single fee.
|
✓ |
✓ |
Mobile device management
Enroll corporate and personal devices to provision settings, enforce compliance, and protect your corporate data.
|
✓ |
✓ |
Mobile application management
Publish, configure, and update mobile apps on enrolled and unenrolled devices, and secure or remove app-associated corporate data.
|
✓ |
✓ |
Advanced Microsoft Office 365 data protection
Extend management and security capabilities across users, devices, apps, and data, while preserving a rich, productive end-user experience.
|
✓ |
✓ |
Integrated PC management
Centralize management of PCs, laptops, and mobile devices from a single administrative console, and produce detailed hardware and software configuration reporting.
|
✓ |
✓ |
Integrated on-premises management
Extend your on-premises management to the cloud from a single console with Microsoft System Center Configuration Manager and Microsoft System Center Endpoint Protection integration for enhanced PC, Mac, Unix/Linux server, and mobile device administration.
|
✓ |
✓ |
Persistent data protection
Encrypt sensitive data and define usage rights for persistent protection regardless of where data is stored or shared.
|
✓ |
✓ |
Intelligent data classification and labeling
Configure policies to automatically classify and label data based on sensitivity and then apply persistent protection.
|
|
✓ |
Document tracking and revocation
Monitor activities on shared data and revoke access in case of unexpected events.
|
✓ |
✓ |
Encryption key management per regulatory needs
Choose default key management options or deploy and manage your own keys to comply with regulations.
|
✓ |
✓ |
Microsoft Advanced Threat Analytics
Detect abnormal behavior in on-premises systems and identify advanced targeted attacks and insider threats before they cause damage.
|
✓ |
✓ |
Microsoft Cloud App Security
Gain visibility, control, and protection for your cloud-based apps, while identifying threats, abnormal usage, and other cloud security issues.
|
|
✓ |
Azure Advanced Threat Protection
Detect and investigate advanced attacks and suspicious behaviors on-premises and in the cloud.
|
|
✓ |